Internati
o
nal
Journal of Ele
c
trical
and Computer
Engineering
(IJE
CE)
V
o
l.
6, N
o
. 2
,
A
p
r
il
201
6, p
p
.
77
0
~
77
7
I
S
SN
: 208
8-8
7
0
8
,
D
O
I
:
10.115
91
/ij
ece.v6
i
2.8
919
7
70
Jo
urn
a
l
h
o
me
pa
ge
: h
ttp
://iaesjo
u
r
na
l.com/
o
n
lin
e/ind
e
x.ph
p
/
IJECE
HASBE Access Control Model wi
th Secure Key Distribution
and Effi
cient Domain Hi
erarch
y for Cl
ou
d Comp
uting
R
a
j
a
nikanth A
l
uva
l
u*
, Vanraj
Ka
mliya*
*,
L
a
ksmi Mudda
n
a
***
* Department of
Computer Scien
ce
&
Engineerin
g, GITAM Univ
ersity
, India
** Departmen
t
o
f
computer
Science, Glori
ous Co
lleg
e
of
Computer Science, India
*** Departmen
t
of Information
Tec
hnolog
y
,
GITAM University
,
India
Article Info
A
B
STRAC
T
Article histo
r
y:
Received Aug 28, 2015
Rev
i
sed
D
ec 25
, 20
15
Accepte
d Ja
n
9, 2016
Cloud com
putin
g refers to th
e
utili
t
y
com
putin
g m
odel, where virtualized
resources are
provided on demand over
interne
t
. It is a
distributed
commodity
s
y
stem and provides access to
authorized users. Cloud
computing
virtualizes s
y
stem by
pooling resources from commodity
hardware and
supports m
u
lti tenancy
.
Cloud
consists of
user’s confident
i
al
data. Clou
d
computing should ensure security
for user data
on cloud b
y
pro
v
iding fine
grained access control. Tr
adition
a
l acce
ss control models are not sufficien
t to
cater
application
s
running on
clo
ud due
to its d
ynamic nature.Various access
control models
are proposed
for cloud comp
uting using attr
ibute b
a
sed
encr
y
p
tion (ABE). All th
e proposed
mo
dels suffered
from various
drawbacks. Among the proposed models
HASB
E proved as best in terms of
flexibi
lit
y,
sc
al
a
b
ilit
y
and
fine
-
g
rained
a
ccess
control
.
Howev
e
re HAS
BE
fails in supporting hierar
ch
ical domain structure. In
this pap
e
r, we had
proposed improved “Hierar
c
hical
attr
i
bute-set-b
a
sed en
cr
y
p
tion
”
(HASBE)
acc
es
s
control
with a h
i
erar
chi
cal
as
s
e
m
b
l
y
of
roles
with r
e
s
p
ect
to th
eir
attribu
t
e v
a
lues
in flexib
le dom
ain hi
erarch
y s
t
r
u
cture
and with
predefin
ed
Secure k
e
y
d
i
stribution policy
.
Keyword:
Access c
o
ntrol
Attribu
t
e-set
Data Secu
rity
Decry
p
tion
En
cry
p
tio
n
Copyright ©
201
6 Institut
e
o
f
Ad
vanced
Engin
eer
ing and S
c
i
e
nce.
All rights re
se
rve
d
.
Co
rresp
ond
i
ng
Autho
r
:
R
a
jani
Ka
nt
h Al
u
v
al
u,
R
e
search
Sc
ho
l
a
r,De
part
m
e
nt
o
f
C
o
m
put
er
S
c
i
e
nce &
En
gi
neeri
n
g
,
Sch
ool
o
f
Tec
h
nol
ogy
,
G
I
T
A
M
Uni
v
ersi
t
y
,
Hy
de
raba
d,
I
n
di
a
Em
a
il: raj
a
n
i
k.rk
cet@g
m
a
il.c
o
m
1.
INTRODUCTION
Cloud com
puti
n
g has
prom
ptly becom
e
an exte
nsi
v
ely
accepted
m
odel for provi
ding services on
d
e
m
a
n
d
ov
er t
h
e in
tern
et. Clo
u
d
co
m
p
u
tin
g
supp
orts
m
u
lti ten
a
n
c
y an
d
clou
d
u
s
er l
o
o
s
es d
a
ta own
e
rsh
i
p
o
n
ce st
o
r
ed
on clo
u
d
.
Clo
u
d
serv
ice pro
v
i
d
e
r h
a
s to
en
sure reliab
ility
an
d
secu
rity o
f
u
s
er’s con
f
i
d
en
tial d
a
ta.
Huge am
ount
of s
u
c
h
data is
store
d
on the
c
l
oud. T
o
e
n
sure security of the store
d
data
,
Access c
ont
rol
m
odels
are wi
del
y
u
s
e
d
. [
1
]
.
O
r
gani
zat
i
o
s are ge
n
e
rat
i
ng
h
uge
data fro
m
th
eir d
a
y to
d
a
y tran
saction
s
.
Hug
e
d
a
ta
st
or
ge an
d m
a
int
a
i
n
anc
e
i
s
b
u
r
d
e
n
t
o
o
r
ga
n
i
zat
i
ons. T
h
ey
can st
ore t
h
ei
r dat
a
o
n
cl
o
u
d
usi
ng se
r
v
i
ces l
i
k
e
Am
azo
n
s3
,
wh
ich
prov
id
es sto
r
ag
e serv
ice
o
n
clou
d.
Cloud
b
a
sed
storage serv
ices su
ppo
rt m
u
lti ten
a
ncy an
d
u
s
ers loo
s
e th
eir d
a
ta
o
w
n
e
rsh
i
p
on
ce stored on
clou
d.
Data security o
n
such
m
u
lti ten
a
n
t
sto
r
ag
e serv
ices can
be provide
d
by using acces
s
control m
odels. Access c
ont
rol m
eans restricting access to res
o
urce,
node etc.
The act of
res
t
riction m
eans, approval to a
ccess a re
sou
r
ce is requ
ired
, we call it as au
tho
r
ization
.
Th
e
traditional acc
ess control models li
ke
DAC (“Disc
re
tionary Access
Control”),
M
A
C (“Mandatory Acces
s
Control”), RB
AC (“R
o
le
ba
sed acce
ss c
o
ntrol”) a
n
d
ABAC (“
Attribute Base
d
Ac
cess Control”) are
not
suf
f
i
c
i
e
nt
f
o
r
r
e
qui
red
secu
ri
t
y
l
e
vel
s
. Lat
e
r
vari
ou
s at
t
r
i
b
ut
e base
d e
n
c
r
y
p
t
i
on sc
hem
e
s are
pr
o
pose
d
[2]
.
At
t
r
i
b
ut
e base
d enc
r
y
p
t
i
o
n (
A
B
E
) m
odel
s
are p
r
o
p
o
sed
by Sah
a
i and
Waters in
20
05
[3
] [4
].
ABE allo
ws
u
s
ers to
en
cry
p
t and
d
ecry
p
t d
a
ta using
their attrib
u
t
es
.
User’s sec
r
et
key and ciphe
r-text a
r
e a
d
junct on
attrib
u
t
es.
User can
d
ecry
p
t cip
h
e
r tex
t
on
ly if th
e set o
f
at
t
r
i
but
es
of
user
key
are eq
ui
v
a
l
e
nt
t
o
t
h
e at
t
r
i
but
e
s
Evaluation Warning : The document was created with Spire.PDF for Python.
I
S
SN
:
2
088
-87
08
IJEC
E V
o
l
.
6, No
. 2, A
p
ri
l
20
16
:
77
0 – 7
7
7
77
1
of t
h
e ci
p
h
er t
e
xt
. I
n
“at
t
r
i
b
ut
e
base
d enc
r
y
p
t
i
on”
(AB
E
) sc
h
e
m
e
t
h
e dat
a
o
w
ne
r
has t
o
us
e user
’s P
K
(“
Pu
bl
i
c
Key”) to e
n
crypt data. In la
ter tim
e
various ABE
base
d access control schem
e
s have been
propos
e
d to
ove
rc
om
e
usi
ng user
’s p
ubl
i
c
key
f
o
r
enc
r
y
p
t
i
ng dat
a
.
Key P
o
licy Attribute B
a
sed
Encrypti
o
n (KP-ABE):
KP
-AB
E
was de
v
e
l
ope
d by
G
o
y
a
l
et
al i
n
200
6 [
2
]
whi
c
h i
s
an e
n
hance
d
m
odel
of
AB
E.
In
KP
-AB
E
ci
phe
r t
e
xt
i
s
associ
at
e
d
wi
t
h
a set
of
at
t
r
i
but
es an
d
user
’
s
decry
p
tion key
is ass
o
ciated
with a
m
onotonic
tree access structure [2].
In
this
m
odel user ca
n
decry
p
t
ciphe
r
text, only whe
n
the
attributes
associated wit
h
the
cipher texts satisfy the
tree access
structure.
Ci
pher te
xt P
o
l
i
c
y A
ttri
b
u
t
e B
a
sed E
n
cr
ypti
on (
C
P
-
A
B
E
)
:
Th
is is an
altern
ativ
e mo
d
e
l of ABE i
n
v
e
n
t
ed
by
Sa
hai
[
3
]
.
B
y
usi
n
g C
P
-
A
B
E
we can
s
t
ore
dat
a
i
n
e
n
cry
p
t
e
d
f
o
rm
on
unt
r
u
st
e
d
ser
v
er a
n
d m
a
i
n
t
a
i
n
dat
a
confide
n
tiality [5] .Dat
a owner e
n
crypts data and store
s
it on cl
oud
with associate
d
acess struct
ure ove
r
attributes. T
o
decry
p
t the ciphe
r text, t
h
e
data cons
um
er’s attributes ha
s to qualify the ciphe
r-te
x
t’s
access
structure.
Hierarchic
al Attribute Set-
Based Encryption
(H
ASB
E
):
m
odel
was i
nvent
e
d
by
Wan
g
et
al
[6]
.
It
i
s
com
b
i
n
at
i
on o
f
(“
HIB
E
”
)
an
d “C
P-
AB
E”.
H
A
S
B
E
m
odel
has the hie
r
a
r
chical structure of use
r
s.
HASB
E
stru
cture con
t
ain
s
a roo
t
m
a
ster at th
e to
p
,
fo
llowe
d
b
y
mu
ltip
le d
o
m
ain
m
a
sters. Each
d
o
m
ain
m
a
ste
r
will
have set of
use
r
s and each use
r
contains set of attributes
[7]. To protect sensitive data from rivalaries, the data
i
s
st
roe
d
i
n
en
cry
p
t
e
d
f
o
rm
on
ser
v
er
s,
wh
i
l
e
t
h
e decry
p
t
i
on
key
s
a
r
e d
i
scl
o
sed t
o
a
u
t
h
o
r
i
zed
use
r
s
onl
y
.
HA
SB
E sche
m
e
al
so suffe
ri
n
g
fr
om
vari
ous s
h
o
r
t
co
m
i
ngs, h
o
w
ev
er an ef
fi
ci
en
t
key
m
a
nagem
e
n
t
mech
an
ism
is
requ
ired
to
d
i
stribu
te d
ecryp
tio
n
k
e
ys t
o
au
thorised
u
s
ers, wh
ich
i
s
v
e
ry d
i
fficult. Th
is
ap
pro
ach
lack
s scalab
ility
an
d flex
ib
ility in
t
e
rm
s o
f
u
s
er set an
d
do
m
a
in
l
e
v
e
ls; as th
e n
u
m
eral o
f
leg
a
l u
s
ers
b
eco
m
e
s larg
e, th
e so
lu
ti
o
n
will n
o
t
b
e
efficien
t and
p
e
rforman
ce d
e
grad
es. Th
e
d
a
ta own
e
rs are requ
ired
to
b
e
on
lin
e all th
e ti
m
e
so
as t
o
en
cryp
t or re-en
c
ryp
t
d
a
ta an
d
d
i
stribu
te Keys to
au
thorize u
s
ers [8
]. In
th
is
pape
r we had Ext
e
n
d
e
d
H
A
S
B
E
(“
Hi
erarc
h
i
cal
At
t
r
i
b
ut
e
Set
-
B
a
sed
En
cry
p
t
i
o
n”)
by
pr
o
posi
n
g
sec
u
re
key
distribution wi
th im
prove
d
dom
a
in hier
arc
hy of
use
r
roles
to access t
h
e fi
les store
d
on
c
l
oud [9]. R
o
le
base
d
hi
erarc
h
y
hel
p
ed us i
n
o
v
e
r
c
o
m
i
ng t
h
e pr
o
b
l
e
m
of dat
a
o
w
ne
r an
d dat
a
con
s
um
er (pr
o
bl
em
:
dat
a
owner m
u
st
b
e
always
on
lin
e for k
e
y
d
i
strib
u
tion
)
. Th
e ro
o
t
au
tho
r
ity called
as tru
s
ted au
tho
r
ity will
b
e
always
on
lin
e an
d
will d
i
strib
u
t
e
k
e
ys to
th
e au
t
h
orized
u
s
ers satisfyin
g
th
e po
licy in
a
m
o
re secu
re way.
Th
e d
a
ta own
e
r will
store t
h
e
data
on the cl
oud a
n
d will share t
h
e access
policy with truste
d a
u
thor
ity. Trusted aut
h
ority will
di
st
ri
b
u
t
e
key
s
based
on
dat
a
ow
ner
’
s p
o
l
i
c
y
t
h
at
are pr
edefine
d
. For exa
m
ple whenev
er an authoriz
ed us
e
r
gets logge
d
on to t
h
e syste
m
and request
for
file
access, trusted a
u
thority ve
rifies t
h
e re
quested
users
attributes ca
pt
ure
d
at t
h
e time of
user
reg
i
stratio
n with d
a
t
a
own
e
rs access
po
licy. If
requ
ested u
s
er
s att
r
ibu
t
es
qualifies use
r
’s access
policy the trus
ted a
u
thority will
provide
access
righ
ts by
provi
d
ing specific
key for
specific file.
Here we a
r
e com
b
ining
the HASBE
with Role based
Acces
s c
ont
rol m
ode
l [10] [11] [12]. This
h
e
lp
s
u
s
t
o
redu
ce th
e
system ti
m
e
an
d
m
a
k
e
easy record
fetch
facility i
n
m
o
re flex
i
b
l
e
m
a
n
n
e
r im
p
r
o
v
i
n
g
ove
ral
l
pe
rf
or
m
a
nce.
2.
E
X
ISTING SYSTEM
T
r
usted
Aut
h
ority
Fi
gu
re
1.
Use
r
l
e
vel
hi
era
r
c
h
y
o
f
H
A
SB
E
[
7
]
Dom
a
in
Au
t
h
ority
Dom
a
in
Au
t
h
ority
Dom
a
in
Au
t
h
ority
Data
C
ons
um
er
D
a
ta Own
er
Access
En
cry
p
ted
File
C
l
ou
d Se
rvi
ce
Provi
d
e
r
Evaluation Warning : The document was created with Spire.PDF for Python.
I
J
ECE
I
S
SN
:
208
8-8
7
0
8
HAS
BE Access Con
t
ro
l Mod
e
l with
S
e
cu
re K
ey Distribu
tio
n an
d Efficien
t
Doma
in
…
(
R
a
j
ani
K
ant
h Al
u
v
al
u)
77
2
Major roles in existing sys
t
e
m
are “Data Owne
r”
, Dat
a
Cons
um
er”, “Dom
ain Authority” and
“Tru
st
ed A
u
t
h
ori
t
y
”. As di
sc
usse
d earl
i
e
r u
s
er st
ores e
n
cr
y
p
t
e
d dat
a
o
n
cl
ou
d, w
h
i
c
h
can be re
gai
n
e
d
b
y
decry
p
t
i
n
g
t
h
e
sam
e
usi
ng
pri
v
at
e key
pr
o
v
i
d
ed
. T
h
i
s
hel
p
s u
s
i
n
m
a
in
tain
in
g
t
h
e stor
ed
d
a
ta
confid
en
tial.
As
sh
own
in Figu
re 1 h
i
g
h
e
r l
e
v
e
l au
t
h
ority au
thorise
low
e
r lev
e
l au
th
orities. Th
e
b
i
gg
est issu
e
in
cloud
co
m
p
u
tin
g
is lo
ss
o
f
d
a
ta own
e
rsh
i
p.
Wh
enev
er d
a
ta
owner
u
p
l
o
a
d
s
a
file, h
e
will g
e
nerate secret
k
e
y for
each
file and
data consum
er has t
o
re
quest for the
key from
data owne
r. Cons
um
er will decrypt the
data
using
t
h
e key. The
e
n
tire hierarchy of
the
syste
m
u
s
er
s is as show
n in
Figu
r
e
2
C = {C1
,
C2,
C3
, C
4
}
Whe
r
e,
C
i
s
cl
ou
d
C1
is presi
d
ent
.
C2 is
vice pres
ident.
C
3
i
s
t
h
e
l
i
s
t
of
su
peri
nt
en
dant
s.
C4
is th
e list o
f
em
p
l
o
y
ees
.
Fi
gu
re
2.
D
o
m
a
i
n
Hi
e
r
arc
h
y
[
7
]
As sh
o
w
n i
n
F
i
gu
re 2
user
h
a
s t
o
regi
st
er
b
y
pro
v
i
d
i
ng at
t
r
i
b
ut
e val
u
es
.
Once
use
r
re
gi
st
erat
i
on i
s
do
ne,
C
1
(“p
r
e
s
i
d
ent
”
)
ap
pr
o
v
es al
l
t
h
e i
n
f
o
rm
ati
on o
f
use
r
an
d C
1
pr
ovi
des
useri
d
a
nd
pass
wo
rd
t
o
t
h
e use
r
.
User
will sto
r
e all d
a
ta
in
en
cryp
ted
form
at
u
s
ing
PK
(“pub
lic k
e
y”) and
u
s
er can
regain d
ecryp
ted
d
a
t
a
fro
m
the cloud
using PK (“
public
key”)
a
nd
PR
K (“
pri
v
ate ke
y”) provide
d
by data owne
r.
Data owne
r ca
n access
his own data by
using pri
v
a
t
e
ke
y
a
n
d pa
ssword provided. Whe
n
C
2
(“vice preside
n
t”) wa
nts
to access
em
pl
oy
ee’s at
t
r
i
b
ut
e t
h
en M
K
(“M
a
st
er
ke
y
”
) i
s
used
, w
h
i
c
h i
s
p
r
o
d
u
c
e
d by
pi
c
k
i
n
g
t
h
e at
t
r
i
but
es f
r
om
t
h
e
av
ailab
l
e set. If an
y low
e
r level au
th
ority is o
f
flin
e or
n
o
t
respo
n
d
i
ng
th
en h
i
gh
er lev
e
l au
tho
r
ity w
ill resp
ond
to all the requests of lower a
u
thor
ities [7].
The C2 (vice-presi
d
ent
)
w
ill allocate access rights a
nd
di
rect the
em
pl
oy
ees u
n
d
er
hi
m
.
Henc
e t
h
e adm
i
ni
st
rat
i
on
o
f
assi
g
n
m
e
nt
of t
a
sk
s
t
o
em
pl
oy
ees sh
oul
d
be d
o
n
e i
n
a
m
e
t
hod t
h
at
i
s
kn
ow
n t
o
hi
m
s
el
f by
im
medi
at
e dom
ai
n aut
h
o
r
i
t
y
wi
t
h
t
h
e ap
pr
o
v
al
of “p
resi
de
nt
” i
n
ro
ot
dom
ai
n [
7
]
.
3.
PROBLEM DEFINITION
C
l
ou
d’s
dy
na
m
i
c nat
u
re a
n
d o
r
gani
zat
i
o
n
a
l
wo
rk
dem
a
nds
fl
e
x
i
b
l
e
A
ccess co
nt
r
o
l
m
odel
s
wi
t
h
encry
p
tion. Da
ta
owne
rs
a
r
e facing
a serious risk
of
c
o
rrupting or
m
i
ss
ing
t
h
eir data because of
lack of
phy
si
cal
cont
r
o
l
ove
r t
h
ei
r out
s
o
urce
d dat
a
. Access co
n
t
rol
m
odel
s
ha
ve t
o
ove
rc
om
e t
h
i
s
securi
t
y
ri
sk.
Ho
we
ver
,
t
r
adi
t
i
onal
Access
C
ont
r
o
l
m
echani
s
m
s
are based o
n
st
at
i
c
pol
i
c
i
e
s whi
c
h m
a
ke t
h
em
t
oo ri
gi
d t
o
h
a
nd
le th
e co
mp
lex
situ
atio
ns
in
d
y
n
a
m
i
c clo
u
d
.
Th
e
d
a
ta
own
e
r an
d d
a
ta consu
m
er will no
t b
e
always
on
lin
e. Data
co
nsu
m
er
requ
ired
secret k
e
y
t
o
decry
p
t
dat
a
fi
l
e
st
ore
d
o
n
cl
o
u
d
.
F
o
r
sec
r
et
key
dat
a
c
o
ns
u
m
er has t
o
wai
t
f
o
r
dat
a
ow
ne
r
t
o
c
o
m
e
onl
i
n
e.
The an
ot
her
pr
obl
em
i
n
exi
s
t
i
ng sy
st
em
i
s
di
spl
a
y
i
ng w
h
ol
e dat
a
associ
at
ed t
o
t
h
e
dem
a
nde
d
que
ry
even though the use
r
re
quests
fewe
r
data
due to lack of
do
m
a
i
n
l
e
vel
hi
er
archy
.
C
o
nsi
d
e
r
i
f
use
r
w
a
nt
t
o
fet
c
h
o
n
l
y th
e d
a
taof sin
g
l
e stud
ent fro
m
scien
ce d
o
m
ain
th
en
it is n
o
t
p
o
ssi
ble fo
r th
e syst
e
m
to
fetch
specifi
c
sp
ecific d
a
ta, in
stead
it fetches th
e who
l
e data o
f
all th
e d
o
m
ain
s
. Du
e to
th
is, th
e ti
m
e
tak
e
n
to
g
e
t th
e d
a
ta
C
Evaluation Warning : The document was created with Spire.PDF for Python.
I
S
SN
:
2
088
-87
08
IJEC
E V
o
l
.
6, No
. 2, A
p
ri
l
20
16
:
77
0 – 7
7
7
77
3
and
q
u
ery
pr
oc
essi
ng i
s
hi
g
h
.
The sy
st
em
respo
n
se t
i
m
e wi
l
l
b
e
d
e
layed, th
er
eb
y r
e
d
u
cing
th
e
ov
er
all syste
m
per
f
o
r
m
a
nce.
4.
R
E
SEARC
H M
O
D
EL
Figure
3. Sub-Dom
a
in Level
User Hie
r
ar
c
h
y in E
n
hance
d
HASBE accces
s control m
odel
4.
1. Sub
-D
om
ai
n Crea
ti
o
n
As s
h
own in
Figure 3, we
ha
d propose
d
a
n
d an im
prove
d
HASB
E access
cont
rol m
odel
by creating
a su
b-
d
o
m
a
i
n
bel
o
w t
h
e
m
a
in
dom
ai
n.eg i
f
t
h
e d
o
m
a
i
n
i
s
engi
neeri
n
g
t
h
e
n
bel
o
w t
h
e
En
gi
nee
r
i
n
g
dom
ai
n,
we
can create bra
n
ch s
p
ecific sub dom
a
ins like IT, C.E, Mech
En
gg et
c. At
t
h
e t
i
m
e
of user regi
st
rat
i
o
n,
wi
t
h
respect to the data provi
de
d, user
will be associated
with particular sub dom
a
in unde
r the
m
a
in dom
ain. Thi
s
hel
p
s us
i
n
res
o
l
v
i
n
g
t
h
e pr
o
b
l
e
m
of
search
i
ng wh
ol
e
da
ta
associated to t
h
e dem
a
nde
d query, instead s
p
ecific
d
a
ta will b
e
search
ed
i.e.
o
n
l
y su
b do
m
a
in
d
a
ta can b
e
d
i
sp
layed
instead
o
f
en
tire
do
m
a
in
. Th
is m
o
d
e
l h
e
lps
u
s
in
redu
cing
th
e ti
m
e
tak
e
n
to
fetch
t
h
e d
a
t
a
, d
e
cr
easing overall query
processi
ng
tim
e
an
d
fin
a
lly redu
ces
o
v
e
rall syste
m
respo
n
se ti
m
e
. Sub
-
do
m
a
in
creatio
n
o
p
tim
izes syste
m
p
e
rfo
r
m
a
n
ce. Data o
w
n
e
r will n
o
t
be
o
n
lin
e always;
th
is resu
lts in difficu
lty in
k
e
y
d
i
stribu
tio
n.
I
n
ou
r e
n
hance
d
HA
SB
E,
dat
a
o
w
ne
r s
h
a
r
es
secret
key, m
a
ster ke
y and pa
rticul
ar access
policy with the
trus
ted
aut
h
ority, immediately after uploadi
ng
fi
le in
clo
u
d
.
Th
e tru
s
ted
au
tho
r
ity will b
e
always o
n
lin
e.
Wh
en
ever d
a
ta con
s
u
m
er wan
t
s to
access a p
a
rticu
l
ar file
send
s requ
est
for k
e
y to
th
e tru
s
ted
au
tho
r
i
t
y. In
tu
rn
tru
s
ted
au
tho
r
ity will v
e
rify requ
ested
u
s
er attribu
t
es
with
policy, if m
a
tches, the
user
will
be al
lowe
d t
o
acce
ss the
file,
otherwise
the acc
ess will
be
de
nied.
Access policies are defi
ned by data owner. Acces
s po
licy consists of
user a
ttributes com
b
ined with
conditions.
Whene
v
e
r
data c
onsum
er
reque
s
t for acce
ss, t
r
uste
d aut
h
ority
verifies acce
ss policy provi
d
ed
by
the data owner with the attributes of
re
quest
ed use
r
, if c
o
nsum
er satisfies t
h
e access
polic
y secret key will be
pr
o
v
i
d
e
d
t
o
t
h
e
co
ns
um
er, by
usi
n
g
whi
c
h
he
/
s
he ca
n
decry
p
t
t
h
e
fi
l
e
.
4.2.
Access
P
o
licy Cre
a
ti
on
Dat
a
ow
ne
r wi
l
l
defi
ne p
o
l
i
c
y
for eac
h fi
l
e
and st
ores
en
cry
p
ted
file on
shar
ed stora
g
e with specific
file-id.
Defi
ne
d policy will restrict access of the file to
unauthorize
d
use
r
s.
Access c
ont
rol
policies will hel
p
data owne
r in
protecting
his secure
data from unaut
horized access. Use
r
s
re
gister wit
h
sy
stem by provi
ded
th
eir d
e
p
a
rtm
e
n
t
, ro
le,
ag
e, gen
d
e
r
i
n
fo
rm
at
io
n
.
Th
is re
g
i
stratio
n
i
n
fo
rm
atio
n
will b
e
con
s
id
ered as attribu
t
e
v
a
lu
es. Access righ
ts will b
e
g
i
v
e
n
to
u
s
ers
with
m
a
tc
h
i
n
g
attrib
u
t
e v
a
lu
es
with
resp
ect to
th
e p
o
licy
defin
e
d
by
dat
a
o
w
ne
r
.
C
o
m
p
l
e
x p
o
l
c
i
e
s can
be
d
e
fi
ne
d by
c
o
m
b
i
n
i
ng m
u
l
t
i
pl
e at
t
r
i
b
ut
es
usi
n
g “
A
n
d
”&
“OR
”
conditions.
Dat
a
owne
r ca
n al
so
use “a
nd” & “OR” c
o
nd
itions t
oget
h
er i
n
single
policy.
Access policies like:
Evaluation Warning : The document was created with Spire.PDF for Python.
IJECE
ISS
N
:
2088-8708
HAS
BE Access Con
t
ro
l Mod
e
l with
S
e
cu
re K
ey Distribu
tio
n an
d Efficien
t
Doma
in
…
(
R
a
j
ani
K
ant
h Al
u
v
al
u)
77
4
1. De
pi
d=EC
&
R
o
l
e
=
F
acul
t
y
2.
De
pi
d=EC
o
r
D
e
pi
d=C
E
or
De
pi
d =
I
T a
n
d R
o
l
e
=St
u
den
t
3. De
pi
d=
IT or
De
pi
d=C
E
o
r
Depi
d-EC
o
r
a
g
e=>2
0
4.
De
pi
d
!
=EC
& R
o
l
e
=
F
acul
t
y
In
abo
v
e
ex
amp
l
e th
e fi
rst con
d
ition
d
e
scri
bes th
at u
s
er
from EC d
e
p
a
rtm
e
n
t
and
h
i
s/h
e
r ro
le m
u
st b
e
facu
lty.
If
use
r’s
De
pa
rtm
e
nt is EC and
his/her role
i
s
fac
u
lty then user ca
n access
the
file.
In
to
t
h
e second
cond
itio
n
Dep
a
rtm
e
n
t
id
mu
st b
e
eith
er IT o
r
CE
o
r
EC
an
d
ro
le m
u
st b
e
stud
en
t so
th
is is a
Co
m
b
in
atio
n
of “And
” and
“OR” Cond
itio
n.
Th
ird
co
nd
ition
is
b
a
sed
o
n
“OR” an
d “OR” con
d
ition
.
In
fourth c
o
ndition if
depi
d i
s
not equal to
EC and Ro
le i
s
equal to
fac
u
lty then
use
r
can access
the
file.
Sim
i
l
a
rl
y
dat
a
ow
ne
r ca
n
defi
ne
pol
i
c
y
o
f
hi
s ch
oi
ce
usi
n
g
al
l
(“an
d”, “
O
R
”
,”=”,””)
“! =”,”>
or <
or <=
or =>”.
4.
3. E
n
cry
pti
o
n a
nd
Decr
ypt
i
on
In
o
u
r
pr
o
p
o
s
ed sy
st
em
encry
p
t
i
o
n an
d
d
ecry
p
t
i
o
n o
f
d
a
t
a
fi
l
e
st
ore
d
on
cl
o
ud i
s
do
ne
usi
n
g
B
l
owfi
s
h
al
g
o
r
i
t
h
m
[13]
.Use
r has t
o
fi
rst
e
n
cry
p
t
t
h
e fi
l
e
bef
o
re st
o
r
i
n
g
i
t
on cl
ou
d. I
n
ot
he
r ha
nd co
n
s
um
er
h
a
s t
o
fi
rst down
l
o
a
d th
e
file to
th
e pr
efe
r
r
e
d
l
o
cat
i
o
n an
d per
f
o
r
m
decry
p
t
i
o
n
.
4.
3.
1. B
l
ow
Fi
sh Al
gori
t
hm
B
l
owfi
s
h
i
s
a po
p
u
l
a
r key
e
d,
sym
m
e
t
r
i
c
cr
y
p
t
o
g
r
a
phi
c al
go
ri
t
h
m
desi
gned
by
B
r
uce
Sch
n
ei
er i
n
19
9
3
an
d pl
ac
ed i
n
t
h
e
pu
bl
i
c
dom
ai
n [1
3]
.
It
i
s
i
d
eal
fo
r
dat
a
exp
o
r
t
i
n
g an
d ha
s a 6
4
bi
t
bl
oc
k si
z
e
wi
t
h
vari
a
b
l
e
key
l
e
ngt
h
fr
om
32
bi
t
t
o
44
8
bi
t
s
. B
l
o
w
fi
s
h
i
s
i
n
cl
u
d
e
d
i
n
v
a
ri
o
u
s e
n
cry
p
t
i
o
n
base
d
p
r
o
duct
s
.
Incl
udi
ng S
p
l
a
sh I
D
.
B
l
ow
fi
s
h
’s sec
u
ri
t
y
i
s
hi
g
h
l
y
pr
ove
n
.
As a p
u
b
l
i
c
dom
ai
n ci
phe
r,
B
l
owfi
s
h
has
been
sub
j
ect
t
o
a si
gni
fi
cant
am
ount
of c
r
y
p
t
a
nal
y
si
s.
B
l
ow
fi
sh
i
s
al
so o
n
e o
f
t
h
e fast
est
bl
o
c
k ci
p
h
ers i
n
pu
bl
i
c
u
s
e. “Each lin
e rep
r
esen
ts
3
2
b
its. Th
e al
g
o
rith
m
main
ta
in
s tw
o
sub
-
k
e
y arr
a
ys: th
e
1
8
-
e
ntr
y
P-
ar
r
a
y an
d fo
ur
256-entry S-boxe
s. T
h
e S-boxe
s accep
t 8-bit input and produce
32-bit out
put.
One e
n
try of the P-a
rray is
use
d
every round, a
nd a
f
ter the fina
l round, each hal
f
of the
data bl
ock is XORed with one
of the two
rem
a
in
in
g
u
nused
P-en
tries.
Fig
u
re 4
rep
r
esen
ts Blo
w
fish's F-fu
n
c
tion
.
Th
e fu
n
c
tion
sp
lits th
e 3
2
-
b
it in
p
u
t
i
n
t
o
f
o
u
r
ei
ght
-
b
i
t
qua
rt
ers, a
n
d uses t
h
e
qua
r
t
ers as i
n
p
u
t
t
o
t
h
e S-b
o
x
e
s.
The o
u
t
p
ut
s ar
e adde
d M
o
dul
o 2
32
and
X
O
R
e
d t
o
pr
o
duce
t
h
e
fi
n
a
l
32
-
b
i
t
o
u
t
p
u
t
” [1
3]
.
4.
3.
2. Wor
k
i
n
g of
B
l
ow
fi
sh Al
g
o
ri
thm
Fi
gu
re
4.
The
Fei
s
t
e
l
st
ruct
u
r
e o
f
B
l
o
w
fi
s
h
[
13]
As s
h
o
w
n i
n
Fi
gu
re 4
,
“B
l
o
wf
i
s
h i
s
a Fei
s
t
e
l
net
w
or
k;
i
t
can
be i
n
vert
e
d
si
m
p
ly
by
XOR
i
ng
P1
7 a
n
d
P1
8 t
o
t
h
e ci
p
h
er
t
e
xt
bl
ock
,
t
h
en
usi
n
g
t
h
e
P-e
n
t
r
i
e
s i
n
r
e
verse
o
r
der.
B
l
owfi
s
h
’
s
ke
y
sche
dul
e st
a
r
t
s
by
in
itializin
g
th
e
P-array
and
S-box
es with
v
a
lu
es d
e
ri
v
e
d
fro
m
th
e h
e
x
a
d
e
ci
m
a
l d
i
g
its o
f
p
i
, wh
ich con
t
ain
n
o
o
b
v
i
ou
s p
a
ttern
.
Th
e secret
key is th
en
XORed
with
th
e P-en
tries in
order (cycling
t
h
e k
e
y if
n
ecessary).
A
6
4
-b
it all-zero
b
l
o
c
k
s
is th
en
en
cry
p
ted
with th
e alg
o
r
i
t
h
m
as i
t
st
ands. T
h
e res
u
l
t
a
nt
ci
phe
r t
e
xt
re
pl
a
ces P1
and P2. T
h
e ci
phe
r te
xt is the
n
e
n
cry
p
ted a
g
ain with th
e
ne
w s
u
b keys
, and P3 a
n
d P4 a
r
e re
placed
by t
h
e
new
ci
phe
r t
e
xt
. T
h
i
s
c
ont
i
n
ues
,
re
pl
aci
ng
t
h
e
ent
i
r
e
P-a
rra
y and
all th
e
S-box
en
tries. In
all, t
h
e B
l
o
w
fish
en
cry
p
tio
n algo
rith
m
will run 52
1 ti
m
e
s to
gen
e
rate all th
e
su
b keys -
abou
t 4KB
o
f
d
a
ta is pro
c
essed
”
[1
3
]
.
Evaluation Warning : The document was created with Spire.PDF for Python.
I
S
SN
:
2
088
-87
08
IJEC
E V
o
l
.
6, No
. 2, A
p
ri
l
20
16
:
77
0 – 7
7
7
77
5
5.
KEY GENE
RATIO
N
Th
e m
a
j
o
r functio
n
a
lities p
e
rform
e
d
in
th
is sectio
n ar
e sy
ste
m
setu
p
,
d
a
ta o
w
n
e
r gran
t, d
a
ta
u
s
er
gra
n
t, dom
a
in
hierarc
h
y setup, ge
ne
rating
new file,
da
ta integrity check, file acce
ss, availability check and
fi
l
e
del
e
t
i
on.T
h
e p
r
o
p
o
se
d sc
hem
e
consi
s
t
s
of
3 key
s
:
Pri
v
at
e, Pu
bl
i
c
and
M
a
st
er Key
.
We are
fol
l
o
wi
ng t
h
e
sam
e
k
e
y stru
ctu
r
e
o
f
ex
istin
g syste
m
. W
e
use Pub
lic k
e
y fo
r en
cry
p
tin
g th
e d
a
ta,
Pri
v
ate an
d
pu
b
lic
k
e
ys are
togethe
r
use
d
t
o
decry
p
t the
data and Master
key
is used
for accessing
the data
[6].
Setup
(d
)
:
d re
prese
n
t
s
t
h
e
de
pt
h
of
key
st
r
u
ct
ure. B
y
t
a
ki
n
g
de
pt
h pa
ram
e
t
e
r d as i
n
p
u
t
.
It
gi
ve
s a
pu
bl
i
c
key
(PK) and m
a
s
t
er key (MK).
KeyGen
(
M
K
,
u,
a)
:
Maste
r
k
e
y (MK) user id
en
tity an
d
attrib
u
t
es
o
f
k
e
y
structure a
r
e ta
ken as i
n
put to
gi
ve p
r
i
v
at
e ke
y
PR
K fo
r user
u.
Encrypt
(PK,
M)
:
Publ
i
c
key
(PK
)
, a
n
d a m
e
ssage
(M
), a
r
e
t
a
ken as a
n
i
n
put
fo
r gi
vi
n
g
ci
phe
r-t
ext
(C
T) as a
n
out
put
.
Decry
p
t
(CT, PRK)
:
C
i
pher
t
e
xt
(C
T
)
a
n
d
p
r
i
v
at
e
key
of
u
s
er
(PR
K
) a
r
e
t
a
ken
as a
n
i
n
p
u
t
f
o
r
decry
p
t
i
ng
t
h
e
file. It
outputs
a m
e
ssage (M). If t
h
e attribut
es ass
o
ci
ated with
t
h
e user private
k
e
y (PR
K
) m
a
tch
e
s with
th
e
access struct
ure of cipher te
xt (CT), t
h
en
it outputs
a
message M which is the ori
g
inal correct m
e
ssage
.
Ot
he
rwi
s
e,
m
is n
u
l
l
.
T
h
e m
odul
es
co
nsi
d
e
r
ed t
o
pe
rf
o
r
m
the a
b
o
v
e
o
p
era
t
i
ons a
r
e
Dat
a
Ow
ner
M
o
d
u
l
e
, Dat
a
C
ons
um
er M
o
dul
e,
C
l
o
u
d
Se
rve
r
M
o
d
u
l
e
;
At
t
r
i
b
ut
e bas
e
d
key
gene
rat
i
o
n M
o
d
u
l
e
[
6
]
.
6.
PERFO
R
MA
NCE A
NAL
Y
S
IS AN
D IMP
LEMENTATI
ON
In t
h
is section, we fi
rst analy
ze theoretical com
putation c
o
m
p
lexity of the proposed
sche
m
e
in each
ope
rat
i
o
n. The
n
we i
m
pl
em
ent
an en
hance
d
HASB
E
a
ppl
i
cat
i
on wi
t
h
s
u
b d
o
m
a
i
n
l
e
vel and co
n
duct
a
seri
es
of
ex
peri
m
e
nt
s t
o
e
v
al
uat
e
per
f
o
r
m
a
nce of
o
u
r
pr
op
ose
d
sc
h
e
m
e
.
We a
n
alyze the com
putation
com
p
lexity for each
syste
m
operation i
n
our
schem
e
as foll
ows
.
Sys
t
em Se
tup
:
-
Wh
en
th
e syste
m
is set u
p
,
the tru
s
ted
au
thority will select
a b
ilin
ear gro
u
p
and
so
m
e
rando
m
n
u
m
b
ers.
Wh
en
PK an
d
MK are g
e
n
e
rated
,
th
ere will b
e
sev
e
ral
Ex
pon
en
tiation
op
eration
s
. So
th
e
com
put
at
i
on c
o
m
p
l
e
xi
t
y
of
S
y
st
em Set
u
p
is
O (1
).
T
o
p-L
e
vel
Do
mai
n
Au
th
ori
t
y Gr
an
t
”-Process is executed by the
TA(“Trusted aut
h
ority”) The
MK( “Master
Key”) of a DA(“Dom
ain
Au
th
ority”) is in
th
e fo
rm
o
f
MKi
=
(“
A,
D,
Di,
D
j,
D
’
I,
D’
j Fo
r ai”,
”j
Belo
ng
s
to
A”,”
Ei fo
r
Ai €
A”)
whe
r
e “
A”
is a
k
e
y stru
ctu
r
e allied
with a “
N
e
w Do
ma
in autho
r
ity”
, Ai is
t
h
e set
of
A
.
Let
N
be t
h
e
n
u
m
b
er o
f
at
t
r
i
but
es i
n
A,
and
M
be
t
h
e
n
u
m
e
rous
g
r
ou
ps i
n
A.
Th
en t
h
e
com
putation
of MKi consists of two exponentiations
fo
r
each attribute
in “A” an
d
one exponentiations for
each
group in A. T
h
e c
o
mputation
i
n
tric
acy (“com
p
lexity
”) of “
T
op-Le
v
el
Do
m
a
in Authority” Grant
ope
rat
i
o
n i
s
O
(2
N+
M).
Sub-Dom
a
in Creation
: - Similar to
DA, pro
cess is ex
ecuted
b
y
th
e TA
an
d
th
e M
K
of su
b-do
m
a
in
is in
th
e fo
rm
o
f
MKi
=
(“
A,
D, Di,
Dj,
D’I
,
D’j F
o
r ai”
,
”
j
Belongs
to
A
”
,
”
Ei for Ai €
A”
)
where “
A”
is a
k
e
y stru
cture allied
with
a “
N
e
w Do
ma
in
a
u
tho
r
it
y”
, Ai
is the set
of
A.
Here
creati
o
n of the s
u
b-dom
ain
lev
e
l do
es
no
t in
crease an
y
k
i
nd
o
f
co
m
p
lex
ity as we
are no
t allo
cating
sep
a
rate
k
e
y
s
fo
r t
h
e sub
-
do
m
a
in
in
sid
e
of
th
e par
e
n
t
’s do
m
a
in
. K
e
ys
are allocated to only parent’s dom
a
in
.Hen
ce co
m
p
u
t
atio
n
co
m
p
lex
ity of
Su
b
dom
ai
n au
t
h
o
r
i
t
y
i
s
O(2N+M)
N
e
w U
s
er/Doma
in Autho
r
it
y
Gra
n
t
:
Ne
w use
r
or
new
dom
ai
n aut
h
o
r
i
t
y
/
s
ubd
om
ai
n i
s
associ
at
ed
with
attribu
t
e
sets, wh
ich are th
e sets of
th
at of
th
e
u
p
p
e
r lev
e
l
DA (“Do
m
a
in
Au
tho
r
ity”) t
h
e m
a
j
o
r
com
put
at
i
on
o
v
er
hea
d
o
f
t
h
i
s
m
odul
e i
s
re-
r
a
nd
om
i
z
i
ng t
h
e key
.
T
h
e c
o
m
put
at
i
on com
p
l
e
xi
t
y
i
s
O (2N
+
M)
.
Whe
r
e N i
s
t
h
e num
ber o
f
at
t
r
i
but
es i
n
t
h
e
set
of t
h
e
new
user
or
dom
ai
n aut
h
ori
t
y
, an
d
M
i
s
t
h
e num
ber
o
f
sets in
A.
New File sto
r
ing
: Th
e user n
eed
s to
en
cryp
t d
a
tafile us
in
g
th
e Blowfish
algo
rith
m
d
u
ring
file
creatio
n. Th
e co
m
p
lex
ity o
f
en
cry
p
ti
n
g
t
h
e
data file with
Blo
w
fish
Al
g
o
rith
m
d
e
p
e
nd
s
on th
e size of the
d
a
ta-
fi
l
e
.E
ncry
pt
i
n
g
usi
n
g B
l
ow
f
i
sh al
g
o
ri
t
h
m
cont
ai
n
s
t
w
o e
x
po
ne
nt
i
a
t
i
ons,
fo
r e
v
ery
f
o
l
i
a
ge l
u
m
p
i
n
T a
n
d
o
n
e
ex
pon
en
tiation for ev
ery in
terpretin
g
l
u
mp
in
T.
Th
e Co
m
p
u
t
atio
n Co
m
p
lex
ity
o
f
n
e
w
file sto
r
i
n
g
is
(“
2|
Y
|
+|
X
|
”).
Tabl
e
1. C
o
m
p
ari
s
o
n
of
com
put
at
i
on c
o
m
p
l
e
xi
t
y
Operations
Enhanced
HASB
E
H
A
SBE
[6]
Sy
ste
m
setup
O(
1)
O(|
Y
|
)
T
op-
L
e
vel DA Gr
ant
O(
2N+M)
User/DA
Gr
ant
O(2N+M
)
O(
|Y
|)
Sub-Do
m
a
in Gr
ant
O(2N+M
)
File Creat
ion
O(2
|
Y
|
+
|
X
|
)
O(|
1
|
)
File Deletion
O(
1)
O(
1)
Evaluation Warning : The document was created with Spire.PDF for Python.
I
J
ECE
I
S
SN
:
208
8-8
7
0
8
HAS
BE Access Con
t
ro
l Mod
e
l with
S
e
cu
re K
ey Distribu
tio
n an
d Efficien
t
Doma
in
…
(
R
a
j
ani
K
ant
h Al
u
v
al
u)
77
6
File Access:-
Here
to acces
s
file use
r
a
h
s t
o
perform
the “Decry
p
ting”
Ope
r
ation of
“
E
ncry
pted” da
ta
files.
As
d
i
scu
s
sed
Data o
w
n
e
r will “En
c
ry
p
t
” th
e d
a
ta file b
e
fo
re st
o
r
i
n
g
on
clou
d
u
s
ing
Blo
w
fish Alg
o
rith
m
an
d
th
en
“d
ecry
p
t” d
a
ta
files u
s
ing
Blow fish
algo
rit
h
m
.
W
e
w
ill d
i
scu
ss th
e co
m
p
u
t
atio
n
co
m
p
lex
ity o
f
t
h
e algorith
m
.
The com
l
exi
t
y
of “
D
ecry
p
t
i
ng” C
i
p
h
e
r
Te
xt
di
f
f
ers
base
d o
n
t
h
e
key
use
d
f
o
r “
D
ec
ry
pt
i
o
n”. E
v
en
fo
r a
particula
r
key,
the m
e
thods to fulfill the allied access
tree
may be diffe
rs. The algo
rithm
com
p
rises two j
o
i
n
t
actions for e
v
e
r
y singlefoliagelum
p
us
ed
to fulfill
the
tree, one pairi
ng fo
r each interpreti
ng l
u
m
p
on the
path
fr
om
t
h
e fol
i
a
ge l
u
m
p
use
d
t
o
t
h
e r
o
ot
an
d
one e
x
po
ne
nt
i
a
t
i
on f
o
r eac
h
l
u
m
p
on t
h
e
p
a
t
h
fr
om
t
h
e fol
i
a
ge
lum
p
to
the ori
g
in (“root”). So
th
e
com
putation c
o
m
p
lexity will be
base
d
on the access t
r
ee and
key structure.
It should
be noted that the “
D
ecry
p
tion” is
accom
p
lished at the data cons
um
er side. He
nce, its com
putation
co
m
p
lex
ity h
a
s slig
h
t
effect o
n
th
e “scalabilit
y’ o
f
th
e g
e
n
e
ral system
.
Th
e co
m
p
u
t
atio
n
co
m
p
lex
ity
o
f
file
access O(1).
7.
CO
NCL
USI
O
N
We
had e
x
pl
o
r
ed
vari
o
u
s at
t
r
i
but
e
base
d acc
ess co
nt
r
o
l
m
odel
s
f
o
r
cl
o
ud
com
put
i
ng a
n
d
de
vel
o
ped
an enha
nce
d
HASBE access
cont
rol m
odel, whic
h is hi
ghl
y efficient in
handling
dom
ain hie
r
arc
h
y.
We had
proved t
h
at, the com
p
lexity
of
HA
SBE ca
n be
reduce
d
and e
fficiency
can be im
proved
by increas
ing the
num
ber
of l
e
v
e
l
s
of
dom
ai
ns. I
n
f
u
t
u
re t
h
e sy
st
em
can be en
ha
nce
d
f
o
r e
ffi
ci
ent
l
y
han
d
l
i
n
g c
o
m
p
o
u
n
d
attributes.Has
be access m
ode
l can
be m
a
deas dynam
i
c
access m
odel by
com
b
ining it with role
base
d ris
k
access control
m
odel.
REFERE
NC
ES
[1]
Azeem
Sarwar,
Muham
m
a
d Naeem
Khan “
A
review of
trust
aspe
cts in c
l
oud com
puting secur
i
t
y
”
in
International
Journal of Clou
d Computing an
d Ser
v
i
ces
S
c
ien
ce (
I
J-CL
OSER)
-ISSN: 2089-3337, Vol. 2, No.
2, April 2013, p
p
.
116~122.
[2]
Rajanik
a
nth alu
v
alu, lakshmi
Muddana,”
A Survey on Access Control Models in Cloud Computing”
-
in
Springer
International Pu
blishing, Advan
ces
in Intelligen
t Systems and
Computing
337, DOI: 10.1007/978-3-319-13728-
5_7.
[3]
J
.
Bett
encourt
,
A.
Sahai, and B.
Waters
”
C
iph
e
r
t
ex
t-poli
cy at
t
r
ibute bas
ed en
cr
yption
“
i
n P
r
oceed
ings
of
IEEE
Symposium on S
ecurity and
Privacy
, pp. 321V33
4, 2007
.
[4]
V.
Goy
a
l,
O
.
Pandey
,
A.
Sahai, and B
.
Waters
,
“Attibute-based encryption fo
r
fine-grained a
ccess control o
f
encr
ypt
e
d data
,
”
in Proc.
ACM C
onf. Computer a
nd Communi
cati
ons
Secur
ity
(
A
CM CCS)
, Alexan
dria, VA, 2006
.
International Jou
r
nal of
Computer
Applications
(0
975 – 8887)
Volume 112 – No. 7
,
Februar
y
2015
7.
[5]
Zhibin Zhou
and Dijiang Hu
ang Arizona St
ate Univ
ersit
y
On “
Effici
e
nt
Cipherte
x
t-Po
lic
y Attribu
t
e Bas
e
d
Encryption and
Broadcast En
cryption”.
[6]
Zhiguo Wan
,
Ju
n’e Liu, and Ro
bert
H. Deng, Senior Member
, I
EEE
,
“
HASBE:
A
Hierarchical Attribute-Based
Solution
for Flexible and S
c
ala
b
le
Access Control in Cloud C
o
mputing
”,
in
I
EEE
transactio
n on informatio
n
forensic and
sec
u
rity
, vol. 7
,
no
.
2, April 2012.
[7]
Vanraj k
a
mliy
a and R
a
jnik
anth Aluvalu
“
A S
u
r
vey on
Hier
a
r
chical
At
tr
ibut
e Se
t-Bas
e
d
en
cr
yption
(
H
ASBE)
Access Control
model For Clou
d Computing”
, i
n
Internationa
l
Journal of Com
puter Applica
tio
ns
(0975 – 8887
)
Volume 112 – N
o
. 7
,
Februar
y
2
015.
[8]
S
a
m
y
Gerg
es
, S
h
erif Khatt
a
b, H
e
s
h
am
Has
s
a
n, F
a
tm
a A Om
ara
“Scalable Multi-Tenant
Authorization in Highly-
Collaborative C
l
oud Applicatio
ns”
,
in
International Journal o
f
Cloud Co
mpu
ting and S
e
rvices Science (
I
J-
CL
OSER)
)
-I
SSN: 2089-3337, Vol. 2
,
No
. 2
,
Apr
il 2013
, pp
. 106
~115.
[9]
N.kris
hna. L.Bh
avani
,
”
HAS
BE:
A Hierarchi
c
al
Attribu
t
e S
e
t
B
a
sed
Encryption
For Flexib
l
e, S
c
alable And
Fin
e
Grained Access Control In Cloud Computing-Interna
tional Journ
a
l of Computer &
Organization Trends
–Volu
m
e
3 Issue 9 –
Oct 2
013.
[10]
Md.Akram
Ali,
Ch. Praval
lika
,
P
.
V.S. Sriniv
as,”
Multi-A
ttribut
e
Based Ac
cess Control Poli
cy
En
forcement
for Fi
le
Accesses inCloud”
-in
Internatio
nal Journal of Engineering
Scien
ce and Innovative Technolog
y (
I
JESIT)
Volu
me 2,
Issue 5, Sep
t
ember 2013.
[11]
Sanchal Ramtek
e, Purvamodi, Apurva Ragho
jiw
ar,
Vijay
a
Karad,
Prof.
P.
D.
Kale
.”HASBE: Hiera
r
chical A
ttribu
t
e
based solution for flexib
l
e and
scalable access control
in
cloud
computing
-in
I
n
ternational
Jou
r
nal of Scien
tifi
c
and Research
Publications
, Volume 4, Issue 1, Januar
y
2014
.
[12]
Q. Liu, G. Wang, and J. Wu,
“Time based
proxy re-encry
p
tion scheme for
secure data sharing in a cloud
environment,"
In
formation Sciences
.In
Press, 201
2
[13]
Jawahar Thakur
, Nagesh Kumar
” DES, AES an
d Blowfish: Sym
m
etric
Key Cryptography Algor
ithms Simulatio
n
Based Performance Analysis” Inte
rnational
Journal of Emerging T
echnology and Adva
nced Engin
eering
(
I
JEATE)
- (
I
SSN
2250-2459,
Vol
u
m
e
1, Issue
2,
Decem
ber 2011
.
Evaluation Warning : The document was created with Spire.PDF for Python.
I
S
SN
:
2
088
-87
08
IJEC
E V
o
l
.
6, No
. 2, A
p
ri
l
20
16
:
77
0 – 7
7
7
77
7
BIOGRAP
HI
ES OF
AUTH
ORS
Rajanik
a
nth Alu
v
alu is Research scholar, cu
rrently
p
e
rsuing PhD from GITAM University
.
Currently
work
ing as Associate professor in th
e Depar
t
ment o
f
Computer En
gineer
ing, RK
University
. He
persued M.Tech
Computer
Science &
Engineering
from JNTU, H
y
d. His
res
earch
is
in the are
a
of clou
d com
puting and his
current re
s
earch int
e
res
t
s
are in cloud
computing secur
i
ty
, cloud
servic
es and B
i
gdata
Analy
t
ics.
Vanraj Kamliy
a
working as
a
ssista
n
t profe
ssor in
department of
Computer
scien
ce at Glorious
coll
ege of
com
puter s
c
ienc
e.
He
pers
ued his
M
a
s
t
ers
in
engine
erin
g. His
res
e
arch
i
s
in the
ar
ea o
f
cloud
computin
g and h
i
s curr
ent research
inter
e
sts are in
clou
d computing security
, Network
s
ecurit
y
.
Lakshmi Muddana
is working
as professor
and HOD in th
e Depar
t
ment
of Information
techno
log
y
, GI
TAM University, H
y
d
e
rabad C
a
mpus. She had persued Ph.D from Osmania
University
, H
y
d
e
rabad
.
Her research is in the
area of Data Mining and cloud computing and her
current research
inter
e
sts ar
e in
cloud
computing s
ecurity
, Bigdata
Analy
t
ics
Evaluation Warning : The document was created with Spire.PDF for Python.