
Key Derivation Policy for data security and data integrity in cloud computing

Automatic Control and Computer Sciences

Abstract

Cloud computing is currently emerging as a promising next-generation architecture in the Information Technology (IT) industry and the education sector. The encoding of state information from the data, and its protection, are governed by organizational access control policies. Encryption protects data confidentiality from unauthorized access, which has led to the development of fine-grained access control policies based on user attributes. Attribute-Based Encryption (ABE) verifies the intersection of attributes across multiple sets. Adding or revoking users is difficult to handle when policies change. Including multiple encrypted copies for the same key raises the computational cost. This paper proposes an efficient Key Derivation Policy (KDP) that improves data security and integrity in the cloud and overcomes the problems of traditional methods. The local key generation process in the proposed method includes the data attributes. The secret key is generated by a hash function from the combination of local keys with the user attribute. The original text is recovered from the ciphertext by the decryption process. The key sharing between the data owner and the user validates data integrity, referred to as the MAC verification process. The proposed efficient KDP with MAC verification is analyzed with respect to security issues and compared with Ciphertext-Policy Attribute-Based Encryption (CP-ABE) schemes on the performance parameters of encryption time, computational overhead and the average lifetime of key generation. The major advantage of the proposed approach is the updating of public information and the easy handling of adding and revoking users in the cloud.
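The flow the abstract outlines (local keys from data attributes, a hashed secret key bound to a user attribute, then MAC verification) can be sketched as follows. This is an added illustration, not the authors' construction, which is not given on this page. The owner secret, the use of HMAC-SHA256 and SHA-256, the length-prefixed encoding, the MAC subkey and all sample values are assumptions.

```python
import hashlib
import hmac

def _lp(b: bytes) -> bytes:
    """Length-prefix a field so concatenated hash inputs stay unambiguous."""
    return len(b).to_bytes(4, "big") + b

def local_key(owner_secret: bytes, data_attr: str) -> bytes:
    """Local key bound to one data attribute (assumed: HMAC-SHA256)."""
    return hmac.new(owner_secret, _lp(b"local") + _lp(data_attr.encode()),
                    hashlib.sha256).digest()

def secret_key(local_keys, user_attr: str) -> bytes:
    """Hash the combined local keys together with the user attribute."""
    h = hashlib.sha256()
    for k in sorted(local_keys):          # order of data attributes is irrelevant
        h.update(_lp(k))
    h.update(_lp(user_attr.encode()))
    return h.digest()

def mac_tag(key: bytes, ciphertext: bytes) -> bytes:
    """MAC over the ciphertext under a subkey derived from the shared key."""
    mac_key = hmac.new(key, b"mac-subkey", hashlib.sha256).digest()
    return hmac.new(mac_key, ciphertext, hashlib.sha256).digest()

def verify(key: bytes, ciphertext: bytes, tag: bytes) -> bool:
    """Constant-time tag comparison; run before any decryption is attempted."""
    return hmac.compare_digest(mac_tag(key, ciphertext), tag)

# Constructed sample values (not from the paper).
OWNER_SECRET = bytes(range(32))
DATA_ATTRS = ["dept=cardiology", "type=lab-report"]
CIPHERTEXT = bytes.fromhex("8f1c2a77d0e4b95a")   # stands in for the encrypted record

def demo():
    lks = [local_key(OWNER_SECRET, a) for a in DATA_ATTRS]
    k_doctor = secret_key(lks, "role=doctor")
    k_nurse = secret_key(lks, "role=nurse")
    tag = mac_tag(k_doctor, CIPHERTEXT)
    tampered = CIPHERTEXT[:-1] + bytes([CIPHERTEXT[-1] ^ 1])
    return {
        "authorized": verify(k_doctor, CIPHERTEXT, tag),
        "tampered": verify(k_doctor, tampered, tag),
        "other_attribute": verify(k_nurse, CIPHERTEXT, tag),
    }

if __name__ == "__main__":
    print(demo())
```

A key derived for a different user attribute fails verification just as a modified ciphertext does, so the receiver rejects the record before decrypting it.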



Author information


Corresponding author

Correspondence to P. Senthil Kumari.

Additional information

The article is published in the original.

About this article


Cite this article

Senthil Kumari, P., Nadira Banu Kamal, A.R. Key Derivation Policy for data security and data integrity in cloud computing. Aut. Control Comp. Sci. 50, 165–178 (2016). https://doi.org/10.3103/S0146411616030032


  • DOI: https://doi.org/10.3103/S0146411616030032
