Fuzzy Authorization for Cloud Storage

Zhu, Shasha

January 2013

It is widely accepted that OAuth is the most popular authorization scheme adopted and implemented by industrial and academic world, however, it is difficult to adapt OAuth to the situation in which online applications registered with one cloud party intends to access data residing in another cloud party. In this thesis, by leveraging Ciphertext-Policy Attribute Based Encryption technique and Elgamal-like mask over the protocol, we propose a reading authorization scheme among diverse clouds, which is called fuzzy authorization, to facilitate an application registered with one cloud party to access to data residing in another cloud party. More importantly, we enable the fuzziness of authorization thus to enhance the scalability and flexibility of file sharing by taking advantage of the innate connections of Linear Secret-Sharing Scheme and Generalized Reed Solomon code. Furthermore, by conducting error checking and error correction, we eliminate operation of satisfying a access tree. In addition, the automatic revocation is realized with update of TimeSlot attribute when data owner modifies the data. We prove the security of our schemes under the selective-attribute security model. The protocol flow of fuzzy authorization is implemented with OMNET++ 4.2.2 and the bi-linear pairing is realized with PBC library. Simulation results show that our scheme can achieve fuzzy authorization among heterogeneous clouds with security and efficiency.

Authorization

Cloud Storage

Security Protocol

CP-ABE

Fuzzy

A SYSTEMATIC REVIEW OF ATTRIBUTE-BASED ENCRYPTION FOR SECURE DATA SHARING IN IoT ENVIRONMENT.

Onwumere, Faith Nnenna

January 2023

Internet of Things (IoT) refers to a network of global and interrelated computing devices that connects humans and machines. It connects anything that has access to the internet and creates an avenue for data and information exchange. Devices within the IoT environment are embedded with processors, sensors and communication hardware that helps these devices collate data, analyze data (when needed), and transfer data amongst themselves. Even with the existence of IoT in making things easier for users and with the introduction of newer variants of IoT, several security and privacy challenges are introduced. In the rapidly evolving landscape of the Internet of Things (IoT), ensuring secure data sharing has become a critical concern. Attribute-based encryption (ABE) has emerged as a promising cryptographic technique for addressing security challenges in IoT environments. Attribute-Based Encryption (ABE) is a cryptographic method that provides public key encryption and access control based on attributes allocated. ABE can be used to encrypt data transmitted between IoT devices and the cloud. In situations where several devices have to interact with each other (e.g., smart home interacting with the user’s hospital IoT system), an intranet of things is formed, and these data is stored in the cloud. ABE can serve as a secure means of transmitting this data since these devices already possess unique attributes that can grant users access control. In this thesis, we aim to present a systematic review of the Attribute-Based Encryption techniques specifically designed for secure data sharing in IoT environments. The objective of this review is to analyze and synthesize existing research, identify trends, and highlight key findings in the field. Therefore, the document survey is chosen as the research strategy. PRISMA framework is followed in searching the eligible literature in 5 databases (Springer, ACM Digital library, Google Scholar, IEEE, Research Gate, Research Square, and Science Direct), with a final set of 30 articles retrieved from ACM Digital Library, IEEE, and Science Direct, all included for analysis. The results show insights on the several ABE approaches used in implementing a secure data sharing framework with access control (which involves enforcing policies that help data owners determine who can and cannot access their data), data privacy (which involves measures taken to ensure that confidentiality, integrity, and availability of any shared data), and data security (which involves practices that help protect any form of shared data from unauthorized access, tamper, or disclosure) in IoT devices.

IoT

ABE

Attribute-based Encryption

CP-ABE

KP-ABE

Internet of Things

Cryptography

Smart Devices

Information Systems