Skip to main content
SpringerLink
Log in

Secured Cloud Storage Scheme Using ECC Based Key Management in User Hierarchy

  • Conference paper
Information Systems Security (ICISS 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7093))

Included in the following conference series:

Abstract

In our proposed scheme, the data owner outsources huge volume of data to a cloud storage provider and the end users request data to the data owner. The data owner encrypts the data before sending it to the cloud service provider and does over-encryption proposed by Vimercati et al. [4] to the outsourced encrypted data before sending it to the users. We incorporate an existing Elliptic Curve Cryptography (ECC) based key management scheme in user hierarchy proposed by Nikooghadam et al. [11] in our scheme which classifies users in security classes and efficiently helps to derive the secret keys of the lower order security classes. The cloud storage component of our scheme will not have to perform any extra work except storing data and this reduces the cost of the data owner as per pay-per-use pricing policy of the cloud service provider. Our scheme incurs low overhead for key generation as well as for its storage and the end users can use wireless mobile devices. The scheme is useful in owner-write-users-read applications and it is secured from the adversaries.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. CSA (Cloud Security Alliance): Security Guidance for Critical Areas of Focus in Cloud Computing V2.1, http://www.cloudsecurityalliance.org/guidance (December 2009)

  2. Mell, P., Grance, T.: The NIST Definition of Cloud Computing Version 15. Information Technology Laboratory, NIST (National Institute of Standards and Technology) (October 2009), http://csrc.nist.gov/groups/SNS/cloud-computing

  3. Kamara, S., Lauter, K.: Cryptographic Cloud Storage. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) FC 2010 Workshop. LNCS, vol. 6054, pp. 136–149. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  4. Vimercati, S.D.C.D., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Over-encryption: management of access control evolution on outsourced data. In: International Conference on Very Large Databases, September 23-28, pp. 123–134 (2007)

    Google Scholar 

  5. Vimercati, S.D.C.D., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: A data outsourcing architecture combining cryptography and access control. In: ACM Workshop on Computer Security Architecture, November 02, pp. 63–69 (2007)

    Google Scholar 

  6. Damiani, E., Vimercati, S.D.C.D., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: An Experimental Evaluation of Multi-Key Strategies for Data Outsourcing. In: New Approaches for Security, Privacy and Trust in Complex Environments. IFIP International Federation for Information Processing, vol. 232, pp. 385–396. Springer, Heidelberg (2007)

    Google Scholar 

  7. Wang, W., Li, Z., Owens, R., Bhargava, B.: Secure and efficient access to outsourced data. In: ACM workshop on Cloud Computing Security, pp. 55–66 (2009)

    Google Scholar 

  8. Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, Heidelberg (2004)

    MATH  Google Scholar 

  9. SEC 1: Elliptic Curve Cryptography, Standards for Efficient Cryptography 1 (SEC1), Working Draft, Version 1.9, (August 22, 2008)

    Google Scholar 

  10. Vanstone, S.A.: Elliptic curve cryptosystem - The Answer to Strong, Fast Publickey Cryptography for Securing Constrained Environments. Information Security Technical Report 12(2), 78–87 (1997)

    Article  Google Scholar 

  11. Nikooghadam, M., Zakerolhosseini, A., Moghaddam, M.E.: Efficient utilization of elliptic curve cryptosystem for hierarchical access control. The Journal of Systems and Software 83(10), 1917–1929 (2010)

    Article  Google Scholar 

  12. Atallah, M.J., Blanton, M., Fazio, N., Frikken, K.B.: Dynamic and ecient key management for access hierarchies. ACM Trans. Inf. Syst. Secur. 12(3), 1–43 (2009)

    Article  Google Scholar 

  13. Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: Plutus: Scalable secure file sharing on untrusted storage. In: USENIX Conference on File and Storage Technologies, pp. 29–42 (2003)

    Google Scholar 

  14. Akl, S.G., Taylor, P.D.: Cryptographic solution to a multilevel security problem. In: Proceeding Advances in Cryptology, pp. 237–249 (1982)

    Google Scholar 

  15. Akl, S.G., Taylor, P.D.: Cryptographic solution to a problem of access control in a hierarchy. ACM Transaction on Computer Systems 1(3), 239–248 (1983)

    Article  Google Scholar 

  16. Chang, C.C., Hwang, R.J., Wu, T.C.: Cryptographic key assignment scheme for access control in a hierarchy. Information Systems 17(3), 243–247 (1992)

    Article  Google Scholar 

  17. Shen, V.R.L., Chen, T.: A novel key management scheme based on discrete logarithms and polynomial interpolations. Computers & Security 21(2), 164–171 (2002)

    Article  MathSciNet  Google Scholar 

  18. Chang, C.C., Lin, I.C., Tsai, H.M., Wang, H.H.: A key assignment scheme for controlling access in partially ordered user hierarchies. In: 18th IEEE International Conference on Advanced Information Networking and Applications (AINA 2004), Fukuoka, Japan, vol. 2, pp. 376–379 (March 2004)

    Google Scholar 

  19. Jeng, F.G., Wang, C.M.: An efficient key-management scheme for hierarchical access control based on elliptic curve cryptosystem. The Journal of Systems and Software, 1161–1167 (2006)

    Google Scholar 

  20. Chung, Y.F., Lee, H.H., Lai, F., Chen, T.S.: Access control in user hierarchy based on elliptic curve cryptosystem. Information Sciences 178, 230–243 (2008)

    Article  MathSciNet  MATH  Google Scholar 

  21. Xie, M., Wang, H., Yin, J., Meng, X.: Integrity auditing of outsourced data. In: International Conference on Very large Data Bases (VLDB 2007), pp. 782–793. ACM (2007)

    Google Scholar 

  22. Goodrich, M.T., Papamanthou, C., Tamassia, R., Triandopoulos, N.: Athos: Efficient Authentication of Outsourced File Systems. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222, pp. 80–96. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  23. Bowers, K.D., Juels, A., Oprea, A.: HAIL: A High-availability and Integrity Layer for Cloud Storage. In: 16th ACM Conference on Computer and Communications Security, pp. 187–198. ACM (2009)

    Google Scholar 

  24. Hasegawa, T., Nakajima, J., Matsui, M.: A Practical Implementation of Elliptic Curve Cryptosystems over GF(p) on a 16-Bit Microcomputer. In: Imai, H., Zheng, Y. (eds.) PKC 1998. LNCS, vol. 1431, pp. 182–194. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Indian Institute of Technology, Kharagpur, 721302, India

    Atanu Basu & Indranil Sengupta

  2. Department of Computer Science and Engineering, Jadavpur University, Kolkata, 700032, India

    Jamuna Kanta Sing

Authors
  1. Atanu Basu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Indranil Sengupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jamuna Kanta Sing
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Center for Secure Information Systems, George Mason University, 4400 University Drive, 22030-4422, Fairfax, VA, USA

    Sushil Jajodia

  2. Center for Distributed Computing, Jadavpur University, 7000032, Kolkata, India

    Chandan Mazumdar

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Basu, A., Sengupta, I., Sing, J.K. (2011). Secured Cloud Storage Scheme Using ECC Based Key Management in User Hierarchy. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2011. Lecture Notes in Computer Science, vol 7093. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25560-1_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-25560-1_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25559-5

  • Online ISBN: 978-3-642-25560-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation