This document summarizes a research paper that proposes a new dual access control method for cloud-based data storage. The proposed method uses a progressive architecture and clock to provide fine-grained access control. It allows users to easily transmit, download, and delete documents from the cloud in a secure manner. The method aims to address security issues with existing cloud access control techniques by being more adaptable and efficient. It involves users and data owners registering for the cloud. When a client requests access to an owner's data, the owner checks the client's attributes and sends an encrypted key to the client that is only valid for a limited time period set by the clock.
This document summarizes a research paper that proposes a new dual access control method for cloud-based data storage. The proposed method uses a progressive architecture and clock to provide fine-grained access control. It allows users to easily transmit, download, and delete documents from the cloud in a secure manner. The method aims to address security issues with existing cloud access control techniques by being more adaptable and efficient. It involves users and data owners registering for the cloud. When a client requests access to an owner's data, the owner checks the client's attributes and sends an encrypted key to the client that is only valid for a limited time period set by the clock.
This document summarizes a research paper that proposes a new dual access control method for cloud-based data storage. The proposed method uses a progressive architecture and clock to provide fine-grained access control. It allows users to easily transmit, download, and delete documents from the cloud in a secure manner. The method aims to address security issues with existing cloud access control techniques by being more adaptable and efficient. It involves users and data owners registering for the cloud. When a client requests access to an owner's data, the owner checks the client's attributes and sends an encrypted key to the client that is only valid for a limited time period set by the clock.
This document summarizes a research paper that proposes a new dual access control method for cloud-based data storage. The proposed method uses a progressive architecture and clock to provide fine-grained access control. It allows users to easily transmit, download, and delete documents from the cloud in a secure manner. The method aims to address security issues with existing cloud access control techniques by being more adaptable and efficient. It involves users and data owners registering for the cloud. When a client requests access to an owner's data, the owner checks the client's attributes and sends an encrypted key to the client that is only valid for a limited time period set by the clock.
International Research Journal of Modernization in Engineering Technology and Science
( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:06/June-2022 Impact Factor- 6.752 www.irjmets.com DUAL ACCESS CONTROL FOR CLOUD BASED DATA STORAGE Shwetha Shree K*1, Mohan Kumar*2 *1Master Of Computer Application, East West Institute Of Technology(VTU), Bangalore, India. ABSTRACT Distributed computing is a high-level breakthrough in the making. Information storage is a huge headache for everyone in this world. Distributed computing is an excellent solution for storing and retrieving data in the most straightforward and quickest way possible. Security is the most pressing concern in distributed computing. I'm attempting to show another approach for giving distributed computing had admission control in this paper. In distributed computing, this architecture provides secured admittance control. It adopts a progressive construction and use a clock to provide more granular access control. We can easily transmit, download, and delete documents from and to the cloud using this method. Access Control, Cloud Computing, and Cloud Privacy are some of the terms on the list. the National Institute of Standards and Technology [3] states that. This decentralised computing has numerous advantages, especially in ubiquitous administrations where everyone can access PC administrations over the internet. You may create a device with a small display, processor, and RAM using distributed computing. Different types of equipment, such as extra memory, are not required. It will make our new invention gadgets smaller. In addition, it lowers our framework's costs. Virtualization, will on- demand configuration, Internet administration delivery, and it open source programming are all examples of distributed computing [1]. The distributed computing model is depicted in the diagram below. I. INTRODUCTION One of the emerging developments is distributed computing. It addresses a fundamental shift in perspective in the way frameworks are communicated [8]. "Distributed computing is a model for enabling pervasive, advantageous, on- request network access to a common pool of configurable figuring assets (e.g., networks, servers, capacity, applications, and administrations) that can be quickly provisioned and delivered with insignificant administration exertion or specialist organisation connection,"
Fig 1: Cloud Computing Model
a) SaaS- To use the supplier's cloud-based apps, which are accessible from a variety of client devices via a simple client interface, such as a Web application. b) PaaS- To upload customer-made apps to the cloud using the provider's supported programming languages and tools ( java,python, .Net) c) IaaS- To set up handling, capacity, organisations, and other basic figuring assets where the customer can deliver and run irregular programming, such as functional frameworks and applications. Distributed computing attacks have grown in tandem with the advent of cloud applications. [1], [2], and [3] are the primary assaults on clouds. a) Denial of Service (DoS) assaults b) Side Channel assaults c) Authentication assaults
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science
[5244] e-ISSN: 2582-5208 International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:06/June-2022 Impact Factor- 6.752 www.irjmets.com d) Man-in-Middle cryptographic assaults e) Inside-work assaults As a result of these attacks, we urgently require a more advanced distributed computing security policy. Access control is a strategy or approach that allows, denies, or restricts access to a framework [7]. It may also detect clients attempting to gain access to an unapproved system. One application can relay on another’s identification thanks to access control [8]. The traditional model for access control, application-driven access control [1] is a comman access control architecture in each application monitors and manages its own set of clients, isn't possible in cloud-based systems. Because we need a lot of memory for this strategy, we'll need a lot of RAM to store the client's nuances, such as username and secret phrase. As a result, the cloud necessitates a client-driven access control system, in which each client solicitation to any specialist organisation is packed with the client's personality and privilege data. • Mandatory Access Control (MAC) • Discretionary Access Control (DAC) • Role Based Access Control are the three basic types of access control models (RBAC) In distributed computing, we currently have a plethora of processes for access control. These, on the other hand, are not obtained and effective. As a result of this problem, we are attempting to suggest a new and more effective access controltechnique for distributed computing. II. RELATED WORK In this section, we examine the various existing access control strategies proposed by others. After that, we'll explain our proposed solution for distributedcomputing access control. FADE, which was given by Y.Tang and colleagues [5], is another key approach for access control. For re-appropriated information on the cloud, the technique in [5] provides fine- grained admission control and guaranteed erasure. However, this strategy isn't actually necessary. If the information owners and specialised cooperatives are in the same area, it is a good idea. HASBE [2], a plan presented by Z.Wan, J.Liu, and R.H.Deng, is another access control plan. The main disadvantage of [2] is that, in comparison to other schemes, it is not adaptable. S.Yu and colleagues offer a distributed computing access control mechanism in [10]. They use KPABE (Key Policy Attribute Based Encryption) and PRE (Proxy Re-Encryption) in this technique [10]. This method isn't adaptable due to the increasing complexity of encryption and decoding. In [6, Y.Zhu and colleagues offer a transitory access approach for distributed computing. These approaches are only applicable in [6] to frameworks in which data owners and specialised co-ops are in the same confided in space. The other major plot is explained in [4], which is provided by M.Li and his group. It is, however, an expensive plan.M.Zhou and his colleagues describe a solution for privacy-preserving access control for distributed computing in an IEEE TransCom-11 International Joint Conference [9]. This technique [9] has a few drawbacks as well. Regardless, the lack of adaptation and versatility in this method renders it ineffective. III. PROPOSED SCHEME A. The development of our proposed model. As seen in Figure 2, our proposed model has a progressive construction.
Fig 2: System Structure
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science [5245] e-ISSN: 2582-5208 International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:06/June-2022 Impact Factor- 6.752 www.irjmets.com The believed power serves as the foundation of confidence in this progressive structure, approving high-level space professionals. Furthermore, the cloud clients are approved by this high- level area specialist. As a cloud client, we consider both the proprietors and the clients. Our system retains a trait set for each cloud client, which contains a number of traits specific to that client. It is possible that it will change depending on the client. A space consists of a single area authority and a large number of cloud clients. We also use a clock to time the creation of the key. A. Framework Model. Figure 3 depicts the real-world model ofour approach. There are four sections in total in this model. Owner of the cloud, untrustworthy cloud, clock, and cloud client
Fig 3: System Model
The owner of the data can upload it to the cloud from here. To make his record as untrustworthy as possible, he will scramble the document straight away and then move it to the untrusted cloud. Only the owner of the information is aware of how to decrypt the records. As a result, the transferred data is safe in the untrustworthy cloud. When an information client needs to access a record from the cloud, it sends a request to the cloud. Following that, the cloud will forward the request to the proprietor. The owner will then check the client's distinctive arrangement. If the client has a large number of traits, the owner will transmit a key to the client. The clock will start counting when the proprietor sends the client a key. That key becomes invalid when a certain amount of time has passed. As a result, the client must complete the requested paper within the specified timeframe. B. Fundamental tasks of the proposed model 1. Registration The client and the owner must both enrol in order to perform any action in the cloud. The client and the proprietor will send an enlistment request to the comparing space authority for enrollment. The space authority then confirms that the new part is complying with the agreements. If they are willing to accept the terms, the area authority will forward the request to the confided in space. The thought power will then provide everyone of the proprietors and clients with an exceptionally long- lasting id. Then they'll be able to create a secret key for them. 2. Document Upload To convey a document to a higher level, the information owner must first encrypt it with his confidential key and then send it to the next higher level. That is the jurisdictional authority. The space authorities will then verify whether or not the proprietor is registered. If he is a registered proprietor, the space authority will send that encoded record to the confided in authority. 3. Document Download To download any record from the cloud, the information client must first send a request to his corresponding space authority. The client will then be checked by the local authority. If the client is legitimate, the request will be forwarded to the trusted in power. The believed power will then forward this request to the owner of www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science [5246] e-ISSN: 2582-5208 International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:06/June-2022 Impact Factor- 6.752 www.irjmets.com the relevant data. The proprietor will then examine the client's trait set. If the client has a large number of traits, the owner will transmit a key to the client. The clock will start counting whenever the proprietor sends a key to a client. That key becomes invalid when a certain amount of time has passed. As a result, the client must complete the requested paper within the specified time frame. 4. Document Deletion Only the owner of the data has the ability to delete it from the cloud. During the information proprietor's enlisting season, the believed power will assign each information proprietor an id number. For them, these id numbers are exceptionally long-lasting. Similarly, each of them has a secret key that isn't particularly long- lasting. To delete a document, the information owner must first file a request to his corresponding space authority. The proprietor id and document name are included in this solicitation. The area administration will then inquire about the proprietor's secret word. The area authority will forward the deletion request to the confided in power if the proprietor offers the correct secret word. The believed power will then delete the document from the cloud. IV. CONCLUSION It is a highly efficient model for providing cloud computing access control. It has a hierarchical structure and uses a clock to provide a time-based decryption key. In cloud computing, this paradigm ensures both security and access control. Registration, file upload, file download, and file deletion are the major operations in this model. V. REFERENCES [1] Y.G.Min, Y.H.Bang, “Cloud Computing Security Issues and Access Control Solutions”, Journel of Security Engineering, vol.2, 2012. [2] Z.Wan, J.Liu, R.H.Deng, “HASBE:A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing”, IEEE Transactions on Forensics and Security, vol 7, no 2, APR 2012. [3] P.Mell, “The NIST Definition of Cloud Computing.” U.S. Department of Commerce:Special Publication 800-145. [4] M.Li, S.Yu, Y.Zheng, K.Ren, W.Lou, “Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption,” IEEE Technology Transactions on Parallel and DistributedSystems, vol 24, no 1, JAN 2013. [5] Y.Tang, P.P.C.Lee, J.C.S.Lui, R.Perlman, “Secure Overlay Cloud Storage with Access Control and Assured Deletion,” IEEE Transactions on Dependable and Secure Computing, vol 9, no 6 NOV/DEC 2012. [6] Y.Zhu, Hu, D.Huang, S.Wang, “Towards Temporal Access Control in Cloud Computing,” Arizona State University, U.S.A. [7] A.R.Khan, “Access Control in CloudComputing Environment,” ARPN Journal of Engineering and Applied Sciences, vol7, no 5, MAY 2012. [8] B.Sosinsky, “Cloud Computing Bible,”, Ed. United States of America: Wiley,2011. [9] M.Zhou, Y.Mu, W.Susilo, M.H.Au, “Privacy-Preserved Access Control for Cloud Computing,” IEEE International Joint Conference, 2011. [10] S.Yu, C.Wang, K.Ren, W.Lou, “Achieving Secure, Scalable, and Finegrained Data Access Control in Cloud Computing,” Journel from Illinois Institute of Tech.
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science