User Revocation-Enabled Access Control Model Using Identity-Based Signature in the Cloud Computing Environment.

Tarun Kumar; Prabhat Kumar; Suyel Namasudra

doi:10.9781/ijimai.2024.05.001

Authors

Tarun Kumar National Institute of Technology Patna.
Prabhat Kumar National Institute of Technology Patna.
Suyel Namasudra National Institute of Technology Agartala.

DOI:

https://doi.org/10.9781/ijimai.2024.05.001

Keywords:

Cryptography, Digital Signatures, Elliptic Curve Cryptography (ECC), Identity-Based Signature, Revocation

Abstract

Nowadays, a lot of data is stored in the cloud for sharing purposes across various domains. The increasing number of security issues with cloud data raises confidentiality concerns about keeping these stored or shared data. Advanced encryption and decryption techniques in cloud computing environments can be considered useful to achieve this aspect. However, an unresolved yet critical challenge in cloud data-sharing systems is the revocation of malicious users. One of the common methods for revocation involves periodically updating users' private keys. This approach increases the workload of the Key Generation Center (KGC) as the number of users increases. In this work, an efficient Revocable Identity-Based Signature (RIBS) scheme is proposed, wherein the revocation functionality is delegated to an External Revocation Server (ERS). This proposed scheme allows only the non-revoked users to access the system resources, thus, providing restricted access control. Here, the ERS generates a secret time key for signature generation based on a revoked user list. In the proposed method, a user uses its private key and secret time key to sign a message. Furthermore, to maintain data confidentiality, symmetric encryption and Elliptic Curve Cryptography (ECC) based asymmetric encryption techniques are used before outsourcing data to the cloud server. The results illustrate that the proposed scheme outperforms some of the existing schemes by providing reduced computation costs.

Downloads

Download data is not yet available.

References

F. J. Abdullayeva, “Internet of things‐based healthcare system on patient demographic data in Health 4.0,” CAAI Transactions on Intelligence Technology, vol. 7, no. 4, pp. 644–657, 2022.

L. D. Sharma, J. Rahul, A. Aggarwal, and V. K. Bohat, “An improved cardiac arrhythmia classification using stationary wavelet transform decomposed short duration QRS segment and Bi-LSTM network,” Multidimensional Systems and Signal Processing, vol. 34, pp. 503-520, 2023. DOI: https://doi.org/10.1007/s11045-023-00875-x.

D. Boneh and M. Franklin, “Identity-based encryption from the weil pairing,” in J. Kilian, (eds) Advances in Cryptology-CRYPTO 2001. CRYPTO 2001. Lecture Notes in Computer Science, vol. 2139. Springer, 2001. DOI: https://doi.org/10.1007/3-540-44647-8_13

Y. Wang, Q. Han, G. Cui, and J. Sun, “Hiding messages based on DNA sequence and recombinant DNA technique,” IEEE Transactions on Nanotechnology, vol. 18, pp. 299-307, 2019.

L. D. Sharma, V. K. Bohat, M. Habib, A. M. Al-Zoubi, H. Faris, and I. Aljarah, “Evolutionary inspired approach for mental stress detection using EEG signal,” Expert Systems with Applications, vol. 197, 2022. DOI: https://doi.org/10.1016/j.eswa.2022.116634

Q. Qian, Y. Jia, and R. Zhang, “A lightweight RFID security protocol based on elliptic curve cryptography,” International Journal Network Security, vol. 18, no. 2, pp. 354-361, 2016.

J. K. Liu, M. H. Au, X. Huang, R. Lu and J. Li, “Fine-grained two-factor access control for web-based cloud computing services,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 3, pp. 484-497, 2016.

T. C. Yang, N. W. Lo, H. T. Liaw, and W. C. Wu, “A secure smart card authentication and authorization framework using in multimedia cloud,” Multimedia Tools and Applications, vol. 76, pp. 11715-11737, 2017.

X. Jia, D. He, S. Zeadally, and L. Li, “Efficient revocable ID-based signature with cloud revocation server,” IEEE Access, vol. 5, pp. 2945-2954, 2017.

T. D. P. Bai, K. M. Raj, and S. A. Rabara, “Elliptic curve cryptography-based security framework for internet of things (IoT) enabled smart card,” in Proceedings of the World Congress on Computing and Communication Technologies (WCCCT), IEEE, Tiruchirappalli, India, 2017.

Y. M. Tseng and T. T. Tsai, “Efficient revocable id-based encryption with a public channel,” The Computer Journal, vol. 55, no. 4, pp. 475-486, 2012.

T. T. Tsai, Y. M. Tseng, and T. Y. Wu, “Provably secure revocable ID-based signature in the standard model,” Security and Communication Networks, vol. 6, no. 10, pp. 1250-1260, 2013.

Y. H. Hung, T. T. Tsai, Y. M. Tseng, and S. S. Huang, “Strongly secure revocable id-based signature without random oracles,” Information Technology and Control, vol. 43, no. 3, pp. 264-276, 2014.

Y. Sun, F. Zhang, L. Shen, and R. Deng, “Revocable identity-based signature without pairing,” in Proceedings of the 5th International Conference on Intelligent Networking and Collaborative Systems, IEEE, Xi’an, China, 2013, pp. 363-365.

J. Wei, W. Liu, and X. Hu, “Forward-secure identity-based signature with efficient revocation,” International Journal of Computer Mathematics, vol. 94, no. 7, pp. 1390-1411, 2017.

M. Ma, G. Shi, X. Shi, M. Su, and F. Li, “Revocable certificateless public key encryption with outsourced semi-trusted cloud revocation agent,” IEEE Access, vol. 8, pp. 148157-148168, 2020.

X. Yang, J. Wang, T. Ma, C. Chen, and C. Wang, “A secure and efficient ID-based signature scheme with revocation for IOT deployment,” in Proceedings of the Sixth International Conference on Advanced Cloud and Big Data (CBD), IEEE, Lanzhou, China, 2018, pp. 202-207.

L. M. Adleman, “Molecular computation of solutions to combinatorial problems,” Science, vol. 266, no. 5187, pp. 1021-1024, 1994.

M. Sohal and S. Sharma, “BDNA-A DNA inspired symmetric key cryptographic technique to secure cloud computing,” Journal of King Saud University - Computer and Information Sciences, vol. 34, no. 1, pp. 1417-1425, 2022.

A. Murugan and R. Thilagavathy, “Cloud storage security scheme using DNA computing with morse code and zigzag pattern,” in Proceedings of the IEEE International Conference on Power, Control, Signals and Instrumentation Engineering(ICPCSI), IEEE, Chennai, India, 2018, pp. 2263-2268.

B. Wang, Y. Xie, S. Zhou, C. Zhou, and X. Zheng, “Reversible data hiding based on DNA computing,” Computational Intelligence and Neuroscience, vol. 2017, 2017. DOI: http://dx.doi.org/10.1155/2017/7276084

S. Namasudra and P. Roy, “Size based access control model in cloud computing,” in Proceedings of the International Conference on Electrical, Electronics, Signals, Communication and Optimization, IEEE, Visakhapatnam, India, 2015, pp. 1-4.

A. T. Ehis, “Optimization of security information and event management (SIEM) infrastructures, and events correlation/regression analysis for optimal cyber security posture,” Archives of Advanced Engineering Science, 2023. DOI: https://doi.org/10.47852/bonviewAAES32021068

V. S. Gaur, V. Sharma, and J. McAllister, “Abusive adversarial agents and attack strategies in cyber-physical systems,” CAAI Transactions on Intelligence Technology, vol. 8, no. 1, pp. 149-165, 2023.

B. M. Ahmad, S. M. Ahmed, and D. E. Sylvanus, “Enhancing phishing awareness strategy through embedded learning tools: A simulation approach,” Archives of Advanced Engineering Science, 2023. DOI: https://doi.org/10.47852/bonviewAAES32021392

D. Zhang, M. Shafiq, L. Wang, G. Srivastava, and S. Yin, “Privacy-preserving remote sensing images recognition based on limited visual cryptography,” CAAI Transactions on Intelligence Technology, vol. 8, no. 4, pp. 1166-1177, 2023.

J. H. Yang and P. Y. Lin, “A mobile payment mechanism with anonymity for cloud computing,” Journal of Systems and Software, vol. 116, pp. 69-74, 2016.

Z. Qin, J. Sun, A. Wahaballa, W. Zheng, H. Xiong, and Z. Qin, “A secure and privacy-preserving mobile wallet with outsourced verification in cloud computing,” Computer Standards & Interfaces, vol. 54, pp. 55-60, 2017.

A. J. L. Rivero, M. E. Beato, C. M. Martínez, and P. G. C. Vázquez, “Empirical analysis of ethical principles applied to different AI uses cases,” International Journal of Interactive Multimedia and Artificial Intelligence, vol. 7, no. 7, pp. 105-104, 2022.

Y. Liao, Y. He, F. Li, and S. Zhou, “Analysis of a mobile payment protocol with outsourced verification in cloud server and the improvement,” Computer Standards & Interfaces, vol. 56, pp. 101-106, 2018.

S. Das, S. Namasudra, S. Deb, P. M. Ger, and R. G. Crespo, “Securing IoT-based smart healthcare systems by using advanced lightweight privacy-preserving authentication scheme,” IEEE Internet of Things Journal, vol. 10, no. 21, pp. 18486-18494, 2023.

S. Khasim and S. S. Basha, “An improved fast and secure CAMEL based authenticated key in smart health care system,” Cloud Computing and Data Science, vol. 3, no. 2, pp. 77-91, 2022.

M. An, Q. Fan, H. Yu, B. An, N. Wu, H. Zhao, X. Wan, J. Li, R. Wang, J. Zhen, Q. Zou, and B. Zhao, “Blockchain technology research and application: A literature review and future trends,” Journal of Data Science and Intelligent Systems, 2023. DOI: https://doi.org/10.47852/bonviewJDSIS32021403

G. Zhang, X. Chen, L. Zhang, B. Feng, X. Guo, J. Liang, and Y. Zhang, “STAIBT: Blockchain and CP-ABE empowered secure and trusted agricultural IoT blockchain terminal,” International Journal of Interactive Multimedia and Artificial Intelligence, vol. 7, no. 5, pp. 66-75, 2022.

G. Thakur, P. Kumar, C. M. Chen, A. V. Vasilakos, Anchna, and S. Prajapat, “A robust privacy-preserving ECC-based three-factor authentication scheme for metaverse environment,” Computer Communications, vol. 211, pp. 271-285, 2023.

T. Kumar, S. Namasudra, and P. Kumar, “Providing data security using DNA computing in the cloud computing environment,” International Journal of Web and Grid Services, vol. 19, no. 4, pp. 463-486, 2023.