Skip to main content

Advertisement

Springer Nature Link
Log in

Decentralized access control technique with multi-tier authentication of user for cloud storage

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

    We’re sorry, something doesn't seem to be working properly.

    Please try refreshing the page. If that doesn't work, please contact support so we can address the problem.

Abstract

The information kept in cloud is greatly sensitive. Security and privacy are two leading issues that often ascend in cloud computing. The objective of the research is to provide security and authentication of cloud data. So, we put forward with a novel decentralized access control scheme aimed at securely storing the data onto the cloud with multiple Key Distribution Center (KDC) based and multi-tier based authentication of user. In conjunction with cryptography to enrich the data security that is to be kept in the cloud we use steganography. In the proposed organization, irrespective of user’s identity the cloud confirms the genuineness of the sequence prior to data storage. Our work likewise has the additional element of access control where just legitimate clients can decrypt the kept data and view the equivalent. The scheme supports multiple writing of data into cloud and multiple reading of information kept in the cloud. As a novelty we have introduced hidden attributes, accordingly the Cloud Service Provider (CSP) along with the KDC is unaware of user details and also a multi-tier based authentication to expand the authentication of user.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

References

  1. Sahai, A., & Waters, B. (2005, May). Fuzzy identity-based encryption. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 457-473)

  2. Goyal, V., Pandey, O., Sahai, A., & Waters, B. (2006, October). Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on Computer and communications security (pp. 89-98)

  3. Liang, X., Cao, Z., Lin, H., & Xing, D. (2009, March). Provably secure and efficient bounded ciphertext policy attribute based encryption. In Proceedings of the 4th International Symposium on Information, Computer, and Communications Security (pp. 343-352)

  4. Bethencourt, J., Sahai, A., & Waters, B. (2007, May). Ciphertext-policy attribute-based encryption. In 2007 IEEE symposium on security and privacy (SP'07) (pp. 321-334). IEEE

  5. Chase, M. (2007, February). Multi-authority attribute based encryption. In theory of cryptography conference (pp. 515-534)

  6. Zhou Z, Huang D, Wang Z (2013) Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption. IEEE Trans Comput 64(1):126–138

    Article  MathSciNet  Google Scholar 

  7. Lin, H., Cao, Z., Liang, X., & Shao, J. (2008, December). Secure threshold multi authority attribute based encryption without a central authority. In International Conference on Cryptology in India (pp. 426-436)

  8. Lewko, A., & Waters, B. (2011, May). Decentralizing attribute-based encryption. In Annual international conference on the theory and applications of cryptographic techniques (pp. 568-588). Springer, Berlin, Heidelberg

  9. Green, M., Hohenberger, S., & Waters, B. (2011, August). Outsourcing the decryption of abe ciphertexts. In USENIX security symposium (Vol. 2011, no. 3)

  10. Yang K, Jia X, Ren K, Zhang B, Xie R (2013) DAC-MACS: effective data access control for multiauthority cloud storage systems. IEEE Transactions on Information Forensics and Security 8(11):1790–1801

    Article  Google Scholar 

  11. Maji HK, Prabhakaran M, Rosulek M (2008) Attribute-based signatures: achieving attribute-privacy and collusion-resistance. IACR Cryptology ePrint Archive 2008:328

    Google Scholar 

  12. Ruj S, Stojmenovic M, Nayak A (2013) Decentralized access control with anonymous authentication of data stored in clouds. IEEE Transactions on Parallel and Distributed Systems 25(2):384–394

    Article  Google Scholar 

  13. Yadav, U. C., & Ali, S. T. (2015, August). Ciphertext policy-hiding attribute-based encryption. In 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI) (pp. 2067-2071). IEEE

  14. Phuong TVX, Yang G, Susilo W (2015) Hidden ciphertext policy attribute-based encryption under standard assumptions. IEEE Trans Inform Forens Secur 11(1):35–45

    Article  Google Scholar 

  15. Xu R, Lang B (2015) A CP-ABE scheme with hidden policy and its application in cloud computing. Int J Cloud Comput 4(4):279–298

    Article  MathSciNet  Google Scholar 

  16. Sowmiya, M., & Adimoolam, M. (2014, April). Secure cloud storage model with hidden policy attribute based access control. In 2014 International Conference on Recent Trends in Information Technology (pp. 1-6). IEEE

  17. Ruj S, Nayak A, Stojmenovic I (2011, November) DACC: distributed access control in clouds. In 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (pp. 91-98). IEEE

  18. Rewagad, P., & Pawar, Y. (2013, April). Use of digital signature with diffie hellman key exchange and AES encryption algorithm to enhance data security in cloud computing. In 2013 International Conference on Communication Systems and Network Technologies (pp. 437-439). IEEE

  19. Chase, M., & Chow, S. S. (2009, November). Improving privacy and security in multi-authority attribute-based encryption. In Proceedings of the 16th ACM conference on Computer and communications security (pp. 121-130)

  20. Kalpana P, Singaraju S (2012) Data security in cloud computing using RSA algorithm. International Journal of research in computer and communication technology, IJRCCT, ISSN, pp 2278–5841

    Google Scholar 

  21. Zhong H, Zhu W, Xu Y, Cui J (2018) Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage. Soft Comput 22(1):243–251

    Article  Google Scholar 

  22. Jung, T., Li, X. Y., Wan, Z., & Wan, M. (2013, April). Privacy preserving cloud data access with multi-authorities. In 2013 Proceedings IEEE INFOCOM (pp. 2625-2633). IEEE

  23. Su, H., Zhu, Z., Sun, L., & Pan, N. (2016, October). Practical searchable CP-ABE in cloud storage. In 2016 2nd IEEE International Conference on Computer and Communications (ICCC) (pp. 180-185). IEEE

  24. Sulochana, V., & Parimelazhagan, R. (2013). A puzzle based authentication scheme for cloud computing. Int J Comput Trends and, 210–213

  25. Dhamija, A., & Dhamija, D. (2016). SSQS and OTP based user authentication mechanism in cloud computing

    Google Scholar 

  26. Mo J, Hu Z, Chen H, Shen W (2019) An efficient and provably secure anonymous user authentication and key agreement for mobile cloud computing. Wirel Commun Mob Comput 2019:1–12

    Article  Google Scholar 

  27. Singh M, Singh S (2012) Design and implementation of multi-tier authentication scheme in cloud. International Journal of Computer Science Issues (IJCSI) 9(5):181

    Google Scholar 

  28. Dhamija A, Dhamija D (2015) A two tier reliable user authentication scheme for cloud environment. Int J Comput Appl 975:8887

    Google Scholar 

  29. Ziyad S, Rehman S (2014) Critical review of authentication mechanisms in cloud computing. International Journal of Computer Science Issues (IJCSI) 11(3):145

    Google Scholar 

  30. Kumar S, Ganpati A (2014) Multi-authentication for cloud security: a framework. Int J Comput Sci Eng Technol 5(4):295–303

    Google Scholar 

  31. Arasu SE, Gowri B, Ananthi S (2013) Privacy-preserving public auditing in cloud using HMAC algorithm. International Journal of Recent Technology and Engineering (IJRTE) ISSN 2277(3878):149–152

    Google Scholar 

  32. Govinda K, Gurunathaprasad V, Sathishkumar H (2012) Third party auditing for secure data storage in cloud through digital signature using RSA. Int J Adv Sci Tech Res 4(2):525–530

    Google Scholar 

  33. Chan CK, Cheng LM (2004) Hiding data in images by simple LSB substitution. Pattern Recogn 37(3):469–474

    Article  Google Scholar 

  34. Bloisi, D. D., & Iocchi, L. (2007, March). Image based steganography and cryptography. In VISAPP (1) (pp. 127-134)

  35. Gupta S, Goyal A, Bhushan B (2012) Information hiding using least significant bit steganography and cryptography. Int J Modern Educ Comput Sci 4(6):27–34

    Article  Google Scholar 

  36. Sarmah DK, Bajpai N (2010) Proposed system for data hiding using cryptography and steganography. Int J Comput Appl 8(9):7–1

    Google Scholar 

  37. Ren-Er, Y., Zhiwei, Z., Shun, T., & Shilei, D. (2014, January). Image steganography combined with DES encryption pre-processing. In 2014 Sixth International Conference on Measuring Technology and Mechatronics Automation (pp. 323-326). IEEE

  38. Muhammad K, Ahmad J, Rehman NU, Jan Z, Sajjad M (2017) CISSKA-LSB: color image steganography using stego key-directed adaptive LSB substitution method. Multimed Tools Appl 76(6):8597–8626

    Article  Google Scholar 

  39. Yang CH, Weng CY, Wang SJ, Sun HM (2008) Adaptive data hiding in edge areas of images with spatial LSB domain systems. IEEE Trans Inform Forens Secur 3(3):488–497

    Article  Google Scholar 

  40. Liao X, Wen QY, Zhang J (2011) A steganographic method for digital images with four-pixel differencing and modified LSB substitution. J Vis Commun Image Represent 22(1):1–8

    Article  Google Scholar 

  41. Younes MAB, Jantan A (2008) A new steganography approach for images encryption exchange by using the least significant bit insertion. Int J Comput Sci Netw Secur 8(6):247–257

    Google Scholar 

  42. Sheth, U., & Saxena, S. (2016, April). Image steganography using AES encryption and least significant nibble. In 2016 International Conference on Communication and Signal Processing (ICCSP) (pp. 0876-0879). IEEE

  43. Das ML, Saxena A, Gulati VP (2004) A dynamic ID-based remote user authentication scheme. IEEE Trans Consum Electron 50(2):629–631

    Article  Google Scholar 

  44. Chien HY, Jan JK, Tseng YM (2002) An efficient and practical solution to remote authentication: smart card. Computers & Security 21(4):372–375

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Ponjesly College of Engineering, Nagercoil, Tamil Nadu, India

    S. Shiny

  2. Department of Electrical and Electronics Engineering, Ponjesly College of Engineering, Nagercoil, Tamil Nadu, India

    J. Jasper

Authors
  1. S. Shiny
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. J. Jasper
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to S. Shiny.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Shiny, S., Jasper, J. Decentralized access control technique with multi-tier authentication of user for cloud storage. Peer-to-Peer Netw. Appl. 15, 13–27 (2022). https://doi.org/10.1007/s12083-021-01189-0

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-021-01189-0

Keywords