
http://www.iaeme.com/IJCET/index.asp 57 [email protected]

International Journal of Computer Engineering & Technology (IJCET)

Volume 8, Issue 4, July-August 2017, pp. 57–70, Article ID: IJCET_08_04_007

Available online at

http://www.iaeme.com/ijcet/issues.asp?JType=IJCET&VType=8&IType=4

Journal Impact Factor (2016): 9.3590(Calculated by GISI) www.jifactor.com

ISSN Print: 0976-6367 and ISSN Online: 0976–6375

© IAEME Publication

USER ATTRIBUTE BASED DATA ACCESS AND

SHARING ON CLOUD COMPUTING

ENVIRONMENT

S. Eswari

Research Scholar, Department of Computer Science and Engineering,

Mother Teresa Women’s University, Kodaikannal, Tamilnadu, India

Dr. S. Manikandan

Professor and Head, Department of Computer Science,

Sriram Engineering College, Chennai, Tamilnadu, India

ABSTRACT

It is important to secure users' sensitive data in the distributed cloud environment. A lot of research is under way on managing users and users' data on the cloud server. But allowing users to store, access and share data among themselves raises serious security issues that can compromise the entire cloud environment. The aim of this paper is to provide a secure method that lets users store and retrieve data on the server under specific access control. A user should not be able to access data that does not belong to him. The proposed technique of User Attribute Based Data Access and Sharing is offered as a technically better method. It makes data management simpler and also prevents invalid access. It also addresses session revocation for invalid users and replay attack avoidance.

Key words: Attribute based access control, Cloud Access Security, Cloud data privacy, Privacy preserving cloud.

Cite this Article: S. Eswari and Dr. S. Manikandan, User Attribute Based Data

Access and Sharing on Cloud Computing Environment. International Journal of

Computer Engineering & Technology, 8(4), 2017, pp. 57–70.

http://www.iaeme.com/ijcet/issues.asp?JType=IJCET&VType=8&IType=4

1. INTRODUCTION

A great deal of research is being done on access control for cloud service providers. A cloud is capable of storing a large amount of data in various formats. A high-end access control mechanism should be implemented to control access to client data such as medical reports, official documents or even personal information on social networks. Access control is the first and most essential application used to secure users and the personal data they store on the cloud to share with others. The privacy of user data must be taken into account: no higher authority of the cloud should know to whom the data belongs. On some servers an administrator has the privilege to access the web data, which may cause privacy issues for clients' data on the cloud. The system has to enable a user to comment without revealing his/her identity. It is difficult to let a cloud user identify him/herself without revealing his/her identity to the access controller. Through experimental evaluation this paper demonstrates that the proposed scheme of User Attribute Based Data Access and Sharing provides a better solution for the access control mechanism in the cloud computing environment.

1.1. Access Control in Cloud Computing

The cloud lets users store their data remotely on the server (Qian Wang, Cong Wang, May 2011) rather than locally, so that they can access the data from anywhere over the Internet. The security and accessibility of the client's data must therefore be guaranteed. The main contribution of this paper is to effectively detect any unauthorized data access and modification, and possibly intrusion and session hijacking attacks and zero-day attacks (Huaqun Wang, Debiao He, Shaohua 2016). Besides, in distributed servers, once such problems are successfully detected, finding which server the data leak lies in is also of great significance, since it is always the first step towards quickly recovering from accessibility errors and/or identifying potential threats of external attacks. To solve these problems, a better file access security and privacy-preserving mechanism (Ximeng Liu, Wenxiu Ding 2016) is presented in the proposed access control model. The first part of the proposed model is devoted to a review of the basic tools from coding theory that are needed for file uploading and data sharing (Gongjun Yan, Ding Wen, March 2013) over the cloud servers. Then the unique user and file attributes (Wenhai Sun, Shucheng Yu 2014) are introduced to preserve access security. The attribute computation function in the proposed scheme belongs to a family of universal hash functions, chosen to preserve the unique properties, which can be integrated with the verification of accessible data. Subsequently, it is shown how to validate the user and his/her respective file attribute in order to verify storage correctness and to identify misbehaving users on the cloud. The procedure for file retrieval and sharing is outlined in the proposed model. Finally, this paper describes how to extend the scheme to internal auditing with only slight modification of the main design.

1.2. Proposed User Attribute Based Data Access and Sharing

The proposed access control mechanism is named User Attribute Based Data Access and Sharing. It uses the following attributes to manage the session, file access and file sharing over the cloud file storage. At account creation the user provides his/her necessary credentials to the cloud web server. The cloud web server takes all the user credentials and generates a user attribute from them. Unlike in existing approaches, this user attribute, rather than the username, is used as the identity of the user. The username is used as identity only at login time. Users are unaware of their user attribute; they do not even know that their access is controlled by such a mechanism. All they know is that they have to provide their username and password to log in to their account.

1.3. Session Control using Session Attribute

At login, the authentication server gets the authentication parameters, username and password, from the user and validates them against those stored in the cloud authentication database. For a valid username it retrieves the user attribute and binds it to the session. The user attribute thus serves as the session attribute, so the other servers can validate the user by the user attribute alone, without knowing the actual user. In this way the privacy of the user is fully preserved.

1.4. File Security using File Attribute

The user is then allowed to upload and download his/her files on the cloud storage system through the secured file attribute mechanism. Unlike other approaches, the file attribute mechanism lets the user upload a file together with the user attribute. For each file, a file attribute is generated by the cloud server. Using the file attribute as the key, the user's file is encrypted with the Data Encryption Standard and stored in the cloud storage. For each upload, a reference for the user attribute is added to the reference database in the following form.

Ux, Fx, Kx, T, cm ...

where,

Ux – user attribute

Fx – file attribute

Kx – key attribute

T – time of upload

cm – client machine details

The proposed cloud environment then allows clients to share files and to access shared files securely in the cloud storage environment. A user can share his/her file with another user on the cloud. While existing approaches use hierarchy-based access control and sharing, our method uses access-attribute-based access control for better flexibility and security. No specific file hierarchy is used in our approach, so implementation needs no special equipment or architecture. This reduces the storage cost in the cloud storage environment.

1.5. Access Control using Access Attribute

Another part of the proposed work is to provide better access control for user files. Any user with a user attribute and a valid session can request his/her own file or a file shared with him/her. At the time of the file request, the user attribute is verified by the access controlling server. After verifying the user attribute, the access controller binds another key, named the access attribute, which is temporary and can be used only once to retrieve a file. The user is then redirected to the cloud storage server, where the access key is verified by the key issuing authority. Even after the access attribute has been validated, the user can access his/her own file or a shared file only if the user attribute matches the attribute stored in the cloud storage database. The user can then download the file and decrypt it using the file attribute as the key with the Data Encryption Standard algorithm.

2. METHODS

This section surveys research on cloud computing access control and data security (Kam Yang, Xiaohua Jia Fellow 2016) mechanisms. The first method discussed is the hierarchical key assignment scheme (Shaohua Tang, Xiaovu Li 2015). It is based on linear geometry, which is used as the solution to invalid accessibility. Keys are stored hierarchically so that the hierarchy can be included in the access rule. The key of a user is stored in the higher level class and the shared key is stored in the lower level class. A user who has the higher level privilege cannot access the higher level keys, but higher level accessible users can access lower level keys. The next paper concentrates on virtual machine security and co-resident attacks. A malicious user can try to access data from another virtual machine that is accessible to him. This paper concentrates on eliminating side channels while files are accessed from the cloud. The system is able to distinguish attackers from legal users on the cloud server. It uses a game theoretical approach (Yi Han, Tansu Alpan Jeffrey Chan, March 2016) to solve the security issues. Another paper uses a model called the efficient privacy-preserving model (Xmeng Liu, Robert H. Deng 2016) (Paolo Gasti, Jaroslav Sedenka 2016) (Shengshan Hu, Qian Wang 2016). It concentrates on how to securely outsource data to the cloud servers. It uses a trapdoor cryptosystem with a public key to identify user data and provide privacy. This method can be used over distributed encrypted domains.

The next paper concentrates on the confidentiality of user data in privileged domains. It proposes a secure cloud architecture with a hardware security module (Jinho Seol IEEE Seongwook Jin, Jan 2007) (T. Thamarai Selvan, Glidersoft, April 2011). It isolates cloud user data from malicious user data, and the two are handled separately. Data accessibility is not exposed to invalid users of the cloud, so they cannot gain access to the data on the cloud server. Ciphertext-policy and attribute-based encryption (Shulan Wang, Kaitai Liang 2016) is the next existing idea for protecting user data on the cloud (Ziad Ismail, Christophe Kiennert 2016). The policy of the data is fully controlled by the data owner himself. A key issuing authority is implemented to issue keys to accessible users on the cloud. This system adopts a two-party key issuing model to guarantee secure data access. It uses an attribute weight calculated from the file properties to identify an uploaded file. The service level agreement is the next proposed model used to provide data confidentiality on the cloud. It not only validates the cloud user but also verifies the accessibility of the cloud service providers. This model also uses the game theoretical approach to solve the communication security of two users. The next existing method uses a circuit ciphertext policy to keep user data confidential on the cloud storage system. This scheme also concentrates on reducing the computational cost. It uses hybrid encryption (Jie Xu, Qiaoyan Wen 2015) to provide high-level security for cloud data with confidentiality. The next method is named Cloud Armor (Talal H. Noor, Quan Z. Sheng 2014). Cloud Armor works on trust management of cloud services. It aims at providing privacy of user data (Qian Wang, Cong Wang, May 2011), security of user data and availability of user data. It allows the user to communicate with the cloud through trusted services (Victor Chang, Muthu Ramavhandran 2015).

2.1. Problem Formulation

From the above survey, the following problems are formulated for cloud computing in relation to access control, file security and privacy preservation. Users' data is stored on the cloud file server with managed file attributes, so that only authorized users with a valid user attribute and file attribute are able to access it. The proposed model preserves the user's privacy by hiding the user's identity from the authentication server. The architecture is decentralized by implementing the account management and key management server as the centralized server. Process collusion is entirely avoided in our proposed scheme, in that two users cannot have a single attribute for validating themselves. In our scheme user revocation (Tao Jiang, Xiaofeng Chen 2015) is not implemented; instead, query analysis with file attribute verification is done in order. The proposed scheme is able to protect the cloud storage servers from replay attacks. In the proposed scheme the time taken to verify the user attribute is minimized. The protocol supports multiple file attribute accesses and decryptions at a time, and thus the proposed scheme proves its load balancing capacity. The proposed system is no costlier to implement than the existing schemes.

The existing scheme uses Attribute Based Encryption to encrypt and upload user data. It is a well secured process for storing and retrieving files from the cloud only when there is only one accessible user for a set of files. Security is lacking when a user tries to share his/her file with other users. In our proposed scheme, while the file upload is performed by the cloud server, a unique key called the key attribute is generated and stored in the key management server. Using that key attribute, the uploaded file is encrypted with its file attribute, which maintains the uniqueness of the file. File access is verified using this file attribute and the user attribute only. As our proposed model uses the previously calculated user attribute, the time taken for user validation is greatly reduced. When a user wants to access his/her data, he/she has to submit the user attribute and file attribute to the cloud service provider. The user attribute and file attribute are used for access validation. If the user attribute matches the one stored in the account management server and authentication server, then file access is provided to the user. The proposed method of User Attribute Based Data Access and Sharing is able to solve the above mentioned problems. In this proposed method, instead of using the user's attribute key to encrypt data, a data key is generated for every piece of data the user uploads to the server. This provides access control by preventing the client from viewing others' data. As for privacy, the key for the data is stored in one server and the data is stored in the cloud, so no administrator can view clients' data. To provide access control and protect against replay attacks, the user control mechanism is implemented.

2.2. Contributions

The proposed model is designed to solve the following problems by optimizing the existing framework with the proposed schemes and algorithms. The points below were kept in mind while designing and optimizing the cloud access control mechanism. The contributions are as follows.

The proposed access control scheme provides individuality among the users of the cloud by assigning a user attribute to every user. The client is never required to manage this user attribute. The server itself has a specific authentication database to manage the user attributes.

The proposed scheme manages the individuality of every file uploaded by every user in the cloud environment. File individuality is maintained by assigning a file attribute to every file to show its uniqueness.

Instead of treating files as various groups, the files are considered as a set with respect to the user, as described in Section 2.2.3.

Access control should be preserved for every single piece of data and for every user on the cloud. Access control is achieved by providing a temporary access attribute to the client's session, of which the client is unaware.

Users should be able to share data over the cloud while preserving their privacy and security. The proposed system achieves this by providing the user attribute and file attribute, as the username and the filename are hidden from the server and from other cloud service providers.

2.3. Preliminaries

2.3.1. Expected users

Let U be the user set; then {U0, U1, U2, ..., Un-1} are the expected users who hold an account on the cloud server. There is no limit on users creating accounts on the cloud. A user may have more than one account on the cloud, but account individuality is maintained by the user id Ux. Ux is the user id of the user on the cloud.

2.3.2. File on Server

Let F be the set; then {F0, F1, F2, ..., Fn-1} represent the files uploaded by Ux on the cloud. Fx represents a file which has individuality and identity to avoid duplication. For every Ux, a set F is maintained.

2.3.3. Encrypted Files

Let EF be the set; then {EF0, EF1, EF2, ..., EFn-1} represent the encrypted files of the user Ux on the cloud. EFx represents a file in encrypted form with a unique identity.

2.3.4. Encryption Key

For every user Ux on the cloud a specific key set is maintained. The key set holds the keys {K0, K1, K2, ..., Kn-1} for the encrypted files of the user on the cloud server.

2.3.5. File Sharing

Let UxFx be the files of the user Ux on the cloud; then {U0F0, U0F1, U0F2, ..., U0Fn-1} are the files of U0 and {U1F0, U1F1, U1F2, ..., U1Fn-1} are the files of U1. If U0 wants to share the file U0F0 with the user U1, then {U1F0, U1F1, U1F2, U0F0, ..., U0Fn-1} becomes the files of U1.

2.3.6. Key Sharing

Let K0 be the encryption key for the file F0; then {K0, K1, K2, ..., Kn-1} is the key set for the file set {F0, F1, F2, ..., Fn-1}. Consider the file sharing above, in which U0F0 becomes a file of U1. If F0K0 is the key combination of file F0, then the key set of user U1 will be {F0K0, F1K1, F2K2, ..., FnKn-1} ∪ {FxKx}, where FxKx is the shared key and file of U0.

2.4. Problem Solution

2.4.1. System Model

The following diagram shows the account creation process of the user on the cloud server.

Figure 1 Client account creation

A client has to provide his/her necessary information to the cloud server to create a new account. From the client's information a user attribute is generated by the cloud server and sent to the account management server on the cloud. The account management server stores the user attribute and the user's details, including username, email, password and other details. The username and password alone are sent to the authentication server, which is responsible for client authentication.

Figure 2 Client authentication process

The figure above shows the authentication process on the cloud server. Unlike in other authentication schemes, more than the username and password is validated in this scheme. Along with the username and password, the user attribute is also verified on the authentication server. The user attribute is obtained from the account management server. The user attribute verification is performed without the client being aware of it. If the authentication and the user attribute are valid, a new session is created for the client.

Figure 3 File upload processing

The figure above describes the file upload process in our proposed scheme. Consider client one uploading a file to the cloud server. When uploading, the client has to give his/her session details and the file to the server. The cloud server validates the user attribute against the client's session id. If the session is valid, the key generation process is performed on the key generation server. A unique file attribute is generated for the file uploaded to the server. The responsibility of the key generation server is to store the user attribute, file attribute and key. The key generation server is unaware of which client uploaded the file. Through this, the proposed scheme preserves the privacy of the client on the cloud. Then, to provide security, the user's file is encrypted. The traditional Data Encryption Standard is used to encrypt the file using the generated key. Finally, the encrypted file is stored with the file attribute on the file storage. The file server is unaware of the encryption key and the file owner.

Fig. 4 shows secured file sharing between clients on the cloud network. An accessible user can authenticate him/herself on the cloud server. Then, by providing his/her user attribute, a client can request a file he/she previously uploaded to the cloud storage. The cloud server validates the user attribute and the requested file. If the user attribute is valid, the requested file is searched for on the server and matched with the file attribute. The cloud server then sends the key request to the key management server.

Figure 4 Attribute verification for client access

Decryption is then done with the file and the key retrieved from the key management server. After decryption, the file is added to the file set of client two, who is the intended recipient of the shared file. Thus the attribute of the file can now be accessed by client two as well. The entire process is given in the following algorithm.

2.4.2. Algorithm: User Attribute Based Data Access and Sharing

2.4.2.1. Algorithm: File upload

while true:
    get user_attribute
    get user_file
    if user_attribute present:
        generate key
        encrypt user_file
        store key in key_server
        store file in file_server
    else:
        drop request

2.4.2.2. Algorithm: File Sharing

while true:
    get file_request
    extract user_attribute
    extract file_attribute
    search for file_attribute
    if file_attribute present:
        get key for file_attribute
        validate user_attribute
        if user_attribute valid:
            add key & file_attribute to shared_user_list
        else:
            drop_request
    else:
        deny_access

2.4.2.3. Algorithm: Attribute validation

get user_attribute
get file_attribute
send attribute_request
get db_user_attribute
if db_user_attribute = user_attribute:
    return true
else:
    return false
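
The single-use access attribute of Section 1.5 and the attribute validation algorithm above, put together as an added Python example (not the authors' code). The HMAC-SHA-256 attribute function, the 30-second lifetime, the owner-only sharing rule and all class and function names are assumptions, and file encryption is left out.

```python
import hashlib
import hmac
import secrets

# Assumption: the paper names no concrete attribute function, so HMAC-SHA-256
# under a server-side secret stands in for it in this sketch.
SERVER_SECRET = secrets.token_bytes(32)


def make_attribute(*fields):
    """Derive an opaque attribute (Ux or Fx) from the given fields."""
    msg = "\x00".join(fields).encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()


class ReferenceDB:
    """Reference records (Ux, Fx, Kx, T, cm) plus a per-file shared-user list."""
    def __init__(self):
        self.records = {}  # Fx -> record

    def upload(self, ux, filename, cm, now):
        fx = make_attribute(ux, filename, str(now))
        kx = secrets.token_hex(16)  # key attribute; file encryption is left out here
        self.records[fx] = {"owner": ux, "key": kx, "time": now, "cm": cm, "shared": set()}
        return fx

    def share(self, owner_ux, fx, target_ux):
        rec = self.records.get(fx)
        # Assumption: only the uploader may add to the shared-user list.
        if rec is None or not hmac.compare_digest(rec["owner"], owner_ux):
            return False
        rec["shared"].add(target_ux)
        return True

    def validate(self, ux, fx):
        """Attribute validation: compare the request's Ux with the stored ones."""
        rec = self.records.get(fx)
        if rec is None:
            return False
        allowed = {rec["owner"]} | rec["shared"]
        return any(hmac.compare_digest(ux, stored) for stored in allowed)


class AccessController:
    """Issues and redeems single-use access attributes."""
    def __init__(self, db, ttl=30):
        self.db = db
        self.ttl = ttl  # assumed lifetime in seconds; the paper only says "temporary"
        self.pending = {}  # access attribute -> (Ux, Fx, expiry)

    def issue(self, ux, fx, now):
        if not self.db.validate(ux, fx):
            return None
        token = secrets.token_urlsafe(32)
        self.pending[token] = (ux, fx, now + self.ttl)
        return token

    def redeem(self, token, ux, fx, now):
        """Return the key attribute Kx, or None if the request is refused."""
        # pop() consumes the access attribute on any attempt, so a replay finds nothing.
        entry = self.pending.pop(token, None)
        if entry is None:
            return None
        bound_ux, bound_fx, expiry = entry
        same = hmac.compare_digest(bound_ux, ux) and hmac.compare_digest(bound_fx, fx)
        if now > expiry or not same:
            return None
        # Storage-side re-check of the user attribute, as Section 1.5 requires.
        if not self.db.validate(ux, fx):
            return None
        return self.db.records[fx]["key"]


def demo():
    now = 1000.0  # constructed clock value; users and file below are constructed too
    db = ReferenceDB()
    ac = AccessController(db)
    u0 = make_attribute("user0", "user0@example.test")
    u1 = make_attribute("user1", "user1@example.test")
    u2 = make_attribute("user2", "user2@example.test")
    fx = db.upload(u0, "report.pdf", "constructed-client-machine", now)
    db.share(u0, fx, u1)

    granted = {}
    t1 = ac.issue(u1, fx, now)
    granted["shared_user_first_use"] = ac.redeem(t1, u1, fx, now + 1) is not None
    granted["replayed_access_attribute"] = ac.redeem(t1, u1, fx, now + 2) is not None
    t2 = ac.issue(u0, fx, now)
    granted["expired_access_attribute"] = ac.redeem(t2, u0, fx, now + 31) is not None
    t3 = ac.issue(u0, fx, now)
    granted["presented_by_other_user"] = ac.redeem(t3, u2, fx, now + 1) is not None
    granted["issue_to_unshared_user"] = ac.issue(u2, fx, now) is not None
    granted["share_by_non_owner"] = db.share(u2, fx, u2)
    return granted


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:28} {'granted' if ok else 'denied'}")
```

Because `redeem` removes the access attribute before checking it, a captured value is useless after its first presentation, whichever user presents it.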

3. RESULTS

In this section the security and performance of the proposed scheme is discussed.

3.1. Experimental Setup

The experimental setup has a number of virtual servers: Cloud Server, Authentication Server, Account Management Server, Key Management Server and File Server. They are connected in parallel to form a distributed cloud environment. All the servers are controlled by the centralized cloud server. The test cloud server has a connection limit of 8192, which means 8192 concurrent users can be in session with the server at a time. The key management server can store millions of keys and file attributes; similarly, the account management server can manage millions of user accounts. The file server is limited to a file storage size of 1024 GB. Table 2 shows the machine, OS, CPU, RAM and HDD used in the test environment.

3.2. Performance Analysis

Fig. 5 shows the performance of the proposed system with the given resources. The performance criteria can be calculated for various configurations of the environment setup. Fig. 5 shows the graph of users against the time taken to complete a file upload and share it. The graph shows that the server is capable of handling 2000 users at a time and that they can upload a file of size 1 GB within 12 seconds. Fig. 6 shows the relationship between File Set and Clients on the cloud network. From the graph it can be calculated that the number of File Sets is proportional, by a factor of two, to the number of clients on the cloud network.

nC = 2(nFS)

nC – number of clients on cloud

nFS – number of file system in cloud

Fig. 7 shows encryption time vs file size. From the graph data it can be seen that the encryption time is 1/3 proportional to the 100 MB of data.

3.3. Security Analysis

To test the security of the proposed model, some misbehaving users were introduced into the cloud environment. They tried to access other users' files without access permission. They also tried to gain access to other users' sessions via a session hijacking attack. They initiated a query injection attack to pass invalid queries to the server. The following table shows the security evaluation for those attacks.

Unlike other systems, our proposed model is able to prevent intrusion and session hijacking attacks by validating the user attribute. The query injection attack is prevented by validating the file attribute in the request along with the user attribute. As the key and file attribute, and the file and user attribute, are stored on different servers, the privacy of the user is preserved securely.

Figure 5 Performance Analysis – Time taken for authentication vs No. of users on server

Figure 6 File Set vs Clients

Figure 7 Encryption Time vs File Size

Table 1 Comparing various authentication schemes

Model / Attacks | Prevented Intrusion Attack | Prevented Session Hijacking | Prevented Query Injection | Privacy preservation
Third party auditing | Yes | Yes | No | Yes
Triple Encryption Model | Yes | No | Yes | No
Hybrid Encryption Model | Yes | No | No | Yes
Our Scheme | Yes | Yes | Yes | Yes


Table 2 Environmental Setup Configuration

| Server Machine | Operating System | CPU | RAM | HDD | Virtual Machine |
|---|---|---|---|---|---|
| Web Server | Ubuntu 16.04 LTS | Pentium Dual Core 2.60 GHz | 1GB | 8GB | Oracle Virtual Box |
| Authentication Server | Ubuntu 16.04 LTS | Pentium Dual Core 2.60 GHz | 1GB | 10GB | Oracle Virtual Box |
| Account Server | Ubuntu 16.04 LTS | Pentium Dual Core 2.60 GHz | 1GB | 10GB | Oracle Virtual Box |
| Key Management Server | Ubuntu 16.04 LTS | Pentium Dual Core 2.60 GHz | 1GB | 8GB | Oracle Virtual Box |
| File Server | Ubuntu 16.04 LTS | Pentium Dual Core 2.60 GHz | 2GB | 20GB | Host Machine |

4. CONCLUSIONS

Using this proposed technique, a new privacy method has been implemented for securing user files from a malicious admin in the cloud server. Key management is handled effectively. This new cloud environment was tested in a local area network and it is working perfectly. Key sharing along with user file sharing is an effective method for the users. This method can be adopted in any social network that cares about users' image privacy. In future, this model for feature selection from high dimensional database systems will be implemented and tested with different sets of parameters. From the analysis above, we can see that it gives faster performance than other encryption algorithms. The reason lies in the characteristics of the data set and the properties of the proposed algorithm. The algorithm can be extended to support feature selection so that data retrieval accuracy can be improved when data needs to be searched instead of being retrieved from the user set.
