Abstract
Cloud system provides an on-demand and low-cost computing and storing model. Many organizations and individual end-users are using cloud storage services to back up their crucial data. However, this storage utility suffers from various threats and security issues. Before outsourcing the data to the cloud server, some data security measures should be imposed to ensure security. The blockchain is an advanced technology that stores data in a distributed manner and provides a more secure environment. Therefore, we propose a blockchain-based framework with the Ciphertext Policy Attribute-based Encryption algorithm to provide access control and user revocation methods in the cloud storage system to resolve the above issues. Our scheme offers three main features to provide a secure environment. First, a java-based blockchain network is designed to register data owners and attribute authority using a key generation algorithm. Second, the data owners and attribute authorities store the public information in the blockchain structure, set access policies, and generate the user’s secret key to resolve key escrow problems. Third, the immediate attribute modification is deployed to attain fine-grained access control with the user revocation process. The experimental results, analysis, and performance evaluation show that our scheme provides a feasible and reliable environment.
Similar content being viewed by others
References
Azhir E, Navimipour NJ, Hosseinzadeh M, Sharifi A, Darwesh A (2019) Query optimization mechanisms in the cloud environments: a systematic study. Int J Commun Syst 32(8):e3940
Singh A, Chatterjee K (2017) Cloud security issues and challenges: a survey. J Netw Comput Appl 79:88–115
Shin Y, Koo D, Hur J (2017) A survey of secure data deduplication schemes for cloud storage systems. ACM Comput Surv 49(4):1–38
Du M, Wang Q, He M, Weng J (2018) Privacy-preserving indexing and query processing for secure dynamic cloud storage. IEEE Trans Inf Forensics Secur 13(9):2320–2332
Zhang Y, Chen X, Li J, Wong DS, Li H, You I (2017) Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing. Inf Sci 379:42–61
Zhang Y, Zheng D, Deng RH (2018) Security and privacy in smart health: Efficient policy-hiding attribute-based access control. IEEE Internet of Things J 5(3):2130–2145. https://doi.org/10.1109/JIOT.2018.2825289
Kaaniche N, Laurent M (2017) Data security and privacy preservation in cloud storage environments based on cryptographic mechanisms. Comput Commun 111:120–141
Li Y, Gai K, Qiu L, Qiu M, Zhao H (2017) Intelligent cryptography approach for secure distributed big data storage in cloud computing. Inf Sci 387:103–115
Shen J, Gui Z, Ji S, Shen J, Tan H, Tang Yi (2018) Cloud aided lightweight certificate less authentication protocol with anonymity for wireless body area networks. J Netw Comput Appl 106:117–123
Shen J, Wang C, Li T, Chen X, Huang X, Zhan Z-H (2018) Secure data uploading scheme for a smart home system. Inf Sci 453:186–197. https://doi.org/10.1016/j.ins.2018.04.048
Lyengar R (2020) Apple to strengthen security after iCloud nude celebrity photos leak. http://time.com/3271667/apple-jennifer-lawrence-icloud-leak660security/, 2014. Accessed September 4, 2020.
Kofahi NA, Al-Rabadi AR (2018) Identifying the top threats in cloud computing and its suggested solutions: a survey. Networks 6(1):1–13
Zyskind G, Nathan O, et al (2015) Decentralizing privacy: using blockchain to protect personal data. In: Security and Privacy Workshops (SPW). IEEE, pp 180–184
Bethencourt J, Sahai A, Waters B (2008) Ciphertext-policy attribute-based encryption. In: Proceeding of the IEEE Symposium on Security and Privacy (SP), pp 321–334
Namasudra S, Deka GC, Johri P, Hosseinpour M, Gandomi AH (2021) The revolution of blockchain: state-of-the-art and research challenges. Arch Comput Methods Eng 28(3):1497–1515
Sharma P, Jindal R, Borah MD (2020) Blockchain technology for cloud storage: a systematic literature review. ACM Comput Surv 53(4):1–32
Meng W, Tischhauser E, Wang Q, Wang Y, Han J (2018) When intrusion detection meets blockchain technology: a review. IEEE Access 6:10179–10188
Lin Q, Yan H, Huang Z, Chen W, Shen J, Tang Yi (2018) An id-based linearly homomorphic signature scheme and its application in blockchain. IEEE Access 6:20632–20640
Sharma P, Jindal R, Borah MD (2021) Blockchain-based decentralized architecture for cloud storage system. J Inf Secur Appl 62:1–15
Mohajer A, Barari M, Zarrabi H (2018) Big data-based self-optimization networking: a novel approach beyond cognition. Intell Autom Soft Comput 24(2):413–420
Masdari M, Ahmadzadeh S, Bidaki M (2017) Key management in wireless body area network: challenges and issues. J Netw Comput Appl 91:36–51
Mohajer A, Bavaghar M, Farrokhi H (2020) Mobility-aware load balancing for reliable self-organization networks: multi-agent deep reinforcement learning. Reliab Eng Syst Saf 202:107056
Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Cramer R (eds) Advances in cryptology—EUROCRYPT. Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, vol 3494, pp 457–473
Attrapadung N, Imai H (2009) Attribute-based encryption supporting direct/indirect revocation modes. In: Parker MG (eds) Cryptography and Coding, IMACC, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, vol 5921, pp 278–300
Attrapadung N, Libert B, de Panafieu E (2011) Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: Catalano D, Fazio N, Gennaro R, Nicolosi A (eds) Public Key Cryptography—PKC 2011, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, vol 6571, pp 90–108
Masdari M, Jabbehdari S, Ahmadi MR, Hashemi SM, Bagherzadeh J, Khadem-Zadeh A (2011) A survey and taxonomy of distributed certificate authorities in mobile ad hoc networks. EURASIP J Wirel Commun Netw 112:1–12
Masdari M, Bidaki M, Naghiloo F (2017) Comprehensive evaluation of the localized certificate revocation in mobile ad hoc network. Wireless Pers Commun 94:977–1001
Masdari M (2016) Towards secure localized certificate revocation in mobile ad-hoc networks. IETE Tech Rev 34(5):561–571. https://doi.org/10.1080/02564602.2016.1215270
Datta P, Dutta R, Mukhopadhyay S (2015) General circuit realizing compact revocable attribute-based encryption from multilinear maps. In: ISC, vol 9290 of LNCS. Springer, pp 336–354
Datta P, Dutta R, Mukhopadhyay S (2016) Adaptively secure unrestricted attribute-based encryption with subset difference revocation in bilinear groups of prime order. In: Pointcheval D, Nitaj A, Rachidi T (eds) Progress in Cryptology—AFRICACRYPT, Lecture Notes in Computer Science. Springer, vol 9646, pp 325–345
Liu Z, Wong DS (2016) Practical ciphertext-policy attribute-based encryption: traitor tracing, revocation, and large universe. Comput J 59(7):983–1004. https://doi.org/10.1093/comjnl/bxv101
Nieto JMG, Manulis M, Sun D (2012) Fully private revocable predicate encryption. In: Susilo W, Mu Y, Seberry J (eds) Information Security and Privacy, ACISP. Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, vol 7372, pp 350–363
Wang P, Feng D, Zhang L (2011) Towards attribute revocation in key-policy attribute-based encryption. In: Lin D, Tsudik G, Wang X (eds) Cryptology and Network Security, CANS, Lecture Notes in Computer Science. Springer, Berlin, Heidelberg, vol 7092, pp 272–291
Jia X, He D, Zeadally S, Li L (2017) Efficient revocable ID-based signature with cloud revocation server. IEEE Access 99:1–9
Namasudra S (2021) Data access control in the cloud computing environment for bioinformatics. Int J Appl Res Bioinform 11(1):40–50
Namasudra S (2019) An improved attribute-based encryption technique toward the data security in cloud computing. Concurr Comput Pract Exp 31(3):e4364
Gai K, Guo J, Zhu L, Yu S (2020) Blockchain meets cloud computing: a survey. IEEE Commun Surv Tutor 22(3):2009–2030. https://doi.org/10.1109/COMST.2020.2989392
Ma W, Ma J, Zhang Q, Xue H, Li Y, Dang X, Zhao M, Zhang J, Han C, Wu J (2020) Attribute revocable data sharing scheme based on blockchain and CP-ABE. In: Proceedings of the 4th International Conference on Computer Science and Application Engineering (CSAE 2020), Association for Computing Machinery, New York, NY, USA, pp 1–7
Su Q, Zhang R, Xue R, Li P (2020) Revocable attribute-based signature for blockchain-based healthcare system. IEEE Access 8:127884–127896. https://doi.org/10.1109/ACCESS.2020.3007691
Zheng H, Shao J, Wei G (2020) Attribute-based encryption with outsourced decryption in blockchain. Peer-to-Peer Netw Appl 13:1643–1655
Yu Y, Zhao Y, Li Y, Du X, Wang L, Guizani M (2020) Blockchain-based anonymous authentication with selective revocation for smart industrial applications. IEEE Trans Ind Inf 16(5):3290–3300. https://doi.org/10.1109/TII.2019.2944678
Vidal FR, Gouveia F, Soares C (2020) Revocation mechanisms for academic certificates stored on a blockchain. In: Proceedings of the 15th Iberian Conference on Information Systems and Technologies (CISTI), Seville, Spain, pp 1–6. https://doi.org/10.23919/CISTI49556.2020.9141088.
Xiong L, Li F, Zeng S, Peng T, Liu Z (2019) A blockchain-based privacy-awareness authentication scheme with efficient revocation for multi-server architectures. IEEE Access 7:125840–125853. https://doi.org/10.1109/ACCESS.2019.2939368
Ning J, Cao Z, Dong X, Liang K, Wei L, Choo K-KR (2021) CryptCloud+: secure and expressive data access control for cloud storage. IEEE Trans Serv Comput 14(1):111–124. https://doi.org/10.1109/TSC.2018.2791538
Wu Z, Zhang Y, Xu E (2020) Multi-authority revocable access control method based on CP-ABE in NDN. Future Internet 12(1):1–15. https://doi.org/10.3390/fi12010015
Fan K, Wang J, Wang X, Yang Y (2017) Proxy-assisted access control scheme of cloud data for smart cities. Pers Ubiquit Comput 21(5):937–947
Wang S, Wang X, Zhang Y (2019) A secure cloud storage framework with access control based on blockchain. IEEE Access 7:112713–112725. https://doi.org/10.1109/ACCESS.2019.2929205
Saini Q, Zhu N, Singh Y, Xiang LG, Zhang Y (2021) A smart-contract-based access control framework for cloud smart healthcare system. IEEE Internet Things J 8(7):5914–5925. https://doi.org/10.1109/JIOT.2020.3032997
Nakamoto S (2008) Bitcoin: A peer-to-peer electronic cash system. https://bitcoin.org/bitcoin.pdf
Liebenau J, Elaluf-Calderwood SM (2008) Blockchain innovation beyond bitcoin and banking. In: Legally-Enforceable Fairness in Secure Two-Party Computation Topics in Cryptology—CT-RSA. Springer, pp 121–137
Crosby M, Pattanayak P, Verma S, Kalyanaraman V (2016) Blockchain technology: beyond bitcoin. Appl Innov 2:6–10
Sankar LS, Sindhu M, Sethumadhavan M (2017) Survey of consensus protocols on blockchain applications. In: Proceeding of the 4th International Conference on Advanced Computing and Communication Systems (ICACCS), pp 1–5
Patra TS, Suresh A, Yalame H (2020) ABY2.0: improved mixed-protocol secure two-party computation. Cryptology ePrint Archive, Report. https://ia.cr/2020/1225
Buyya R, Ranjan R, Calheiros RN (2009) Modeling and simulation of scalable Cloud computing environments and the CloudSim toolkit: Challenges and opportunities. In: Proceedings of the International Conference on High Performance Computing and Simulation, pp 1–11. https://doi.org/10.1109/HPCSIM.2009.5192685
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Sharma, P., Jindal, R. & Borah, M.D. Blockchain-based cloud storage system with CP-ABE-based access control and revocation process. J Supercomput 78, 7700–7728 (2022). https://doi.org/10.1007/s11227-021-04179-4
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-021-04179-4