Privacy Preserving Delegated Access Control in Public Clouds.

Slides:

Advertisements

Similar presentations

ACHIEVING NETWORK LEVEL PRIVACY IN WIRELESS SENSOR NETWORKS.

Advertisements

Abstract Shortest distance query is a fundamental operation in large-scale networks. Many existing methods in the literature take a landmark embedding.

On the Node Clone Detection inWireless Sensor Networks.

Optimizing Cloud Resources for Delivering IPTV Services Through Virtualization.

Abstract Cloud data center management is a key problem due to the numerous and heterogeneous strategies that can be applied, ranging from the VM placement.

Abstract Load balancing in the cloud computing environment has an important impact on the performance. Good load balancing makes cloud computing more.

A Secure Protocol for Spontaneous Wireless Ad Hoc Networks Creation.

Abstract Provable data possession (PDP) is a probabilistic proof technique for cloud service providers (CSPs) to prove the clients' data integrity without.

IP-Geolocation Mapping for Moderately Connected Internet Regions.

Secure Encounter-based Mobile Social Networks: Requirements, Designs, and Tradeoffs.

Minimum Cost Blocking Problem in Multi-path Wireless Routing Protocols.

Cross-Domain Privacy-Preserving Cooperative Firewall Optimization.

NICE :Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems.

Dynamic Resource Allocation Using Virtual Machines for Cloud Computing Environment.

Understanding the External Links of Video Sharing Sites: Measurement and Analysis.

Security Evaluation of Pattern Classifiers under Attack.

Vampire Attacks: Draining Life from Wireless Ad Hoc Sensor Networks.

Abstract Many security primitives are based on hard math¬ematical problems. Using hard AI problems for security is emerging as an exciting new paradigm,

Privacy-Preserving Public Auditing for Secure Cloud Storage

Improving Network I/O Virtualization for Cloud Computing.

Privacy Preserving Data Sharing With Anonymous ID Assignment

Mobile Relay Configuration in Data-Intensive Wireless Sensor Networks.

m-Privacy for Collaborative Data Publishing

PACK: Prediction-Based Cloud Bandwidth and Cost Reduction System

EAACK—A Secure Intrusion-Detection System for MANETs

A Fast Clustering-Based Feature Subset Selection Algorithm for High- Dimensional Data.

Combining Cryptographic Primitives to Prevent Jamming Attacks in Wireless Networks.

Optimal Client-Server Assignment for Internet Distributed Systems.

Protecting Sensitive Labels in Social Network Data Anonymization.

Identity-Based Secure Distributed Data Storage Schemes.

Incentive Compatible Privacy-Preserving Data Analysis.

Enabling Dynamic Data and Indirect Mutual Trust for Cloud Computing Storage Systems.

Cooperative Caching for Efficient Data Access in Disruption Tolerant Networks.

Anonymization of Centralized and Distributed Social Networks by Sequential Clustering.

Accuracy-Constrained Privacy-Preserving Access Control Mechanism for Relational Data.

Identity-Based Distributed Provable Data Possession in Multi-Cloud Storage.

Content Sharing over Smartphone-Based Delay- Tolerant Networks.

Abstract Link error and malicious packet dropping are two sources for packet losses in multi-hop wireless ad hoc network. In this paper, while observing.

Scalable Distributed Service Integrity Attestation for Software-as-a-Service Clouds.

Keyword Query Routing.

A Highly Scalable Key Pre- Distribution Scheme for Wireless Sensor Networks.

Abstract With the advent of cloud computing, data owners are motivated to outsource their complex data management systems from local sites to the commercial.

Facilitating Document Annotation using Content and Querying Value.

Traffic Pattern-Based Content Leakage Detection for Trusted Content Delivery Networks.

Privacy Preserving Back- Propagation Neural Network Learning Made Practical with Cloud Computing.

Two tales of privacy in online social networks. Abstract Privacy is one of the friction points that emerges when communications get mediated in Online.

Participatory Privacy: Enabling Privacy in Participatory Sensing

Preventing Private Information Inference Attacks on Social Networks.

Abstract We propose two novel energy-aware routing algorithms for wireless ad hoc networks, called reliable minimum energy cost routing (RMECR) and reliable.

Supporting Privacy Protection in Personalized Web Search.

Twitsper: Tweeting Privately. Abstract Although online social networks provide some form of privacy controls to protect a user's shared content from other.

m-Privacy for Collaborative Data Publishing

Attribute-Based Encryption With Verifiable Outsourced Decryption.

A Scalable Two-Phase Top-Down Specialization Approach for Data Anonymization Using MapReduce on Cloud.

Multiparty Access Control for Online Social Networks : Model and Mechanisms.

A New Algorithm for Inferring User Search Goals with Feedback Sessions.

Harnessing the Cloud for Securely Outsourcing Large- Scale Systems of Linear Equations.

Securing Broker-Less Publish/Subscribe Systems Using Identity-Based Encryption.

Dynamic Control of Coding for Progressive Packet Arrivals in DTNs.

Security Analysis of a Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption Scheme.

Privacy-Preserving and Content-Protecting Location Based Queries.

Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud.

Whole Test Suite Generation. Abstract Not all bugs lead to program crashes, and not always is there a formal specification to check the correctness of.

Distributed Processing of Probabilistic Top-k Queries in Wireless Sensor Networks.

Load Rebalancing for Distributed File Systems in Clouds.

Facilitating Document Annotation Using Content and Querying Value.

Fast Transmission to Remote Cooperative Groups: A New Key Management Paradigm.

Dynamic Query Forms for Database Queries. Abstract Modern scientific databases and web databases maintain large and heterogeneous data. These real-world.

BY S.S.SUDHEER VARMA (13NT1D5816)

Practice Management & Patient Health Record sharing system

Presentation transcript:

Privacy Preserving Delegated Access Control in Public Clouds

Abstract Current approaches to enforce fine-grained access control on confidential data hosted in the cloud are based on fine-grained encryption of the data. Under such approaches, data owners are in charge of encrypting the data before uploading them on the cloud and re-encrypting the data whenever user credentials change. Data owners thus incur high communication and computation costs. A better approach should delegate the enforcement of fine-grained access control to the cloud, so to minimize the overhead at the data owners, while assuring data confidentiality from the cloud. We propose an approach, based on two layers of encryption, that addresses such requirement. Under our approach, the data owner performs a coarse-grained encryption, whereas the cloud performs a fine- grained encryption on top of the owner encrypted data.

Abstract con… A challenging issue is how to decompose access control policies (ACPs) such that the two layer encryption can be performed. We show that this problem is NP-complete and propose novel optimization algorithms. We utilize an efficient group key management scheme that supports expressive ACPs. Our system assures the confidentiality of the data and preserves the privacy of users from the cloud while delegating most of the access control enforcement to the cloud.

Existing System Security and privacy represent major concerns in the adoption of cloud technologies for data storage. An approach to mitigate these concerns is the use of encryption. However, whereas encryption assures the confidentiality of the data against the cloud, the use of conventional encryption approaches is not sufficient to support the enforcement of fine-grained organiza¬tional access control policies (ACPs). Many organiza¬tions have today ACPs regulating which users can access which data; these ACPs are often expressed in terms of the properties of the users, referred to as identity attributes, using access control languages such as XACML. Such an approach, referred to as attribute- based access control (ABAC), supports fine-grained access control which is crucial for high-assurance data security and privacy.

ArchitectureDiagram

System Specification HARDWARE REQUIREMENTS Processor : intel Pentium IV Ram : 512 MB Hard Disk : 80 GB HDD SOFTWARE REQUIREMENTS Operating System : windows XP / Windows 7 FrontEnd : Java BackEnd : MySQL 5

C ONCLUSION Current approaches to enforce ACPs on outsourced data using selective encryption require organizations to manage all keys and encryptions and upload the encrypted data to the remote storage. Such approaches incur high communication and computation cost to manage keys and encryptions whenever user credentials change. In this paper, we proposed a two layer encryption based approach to solve this problem by delegating as much of the access control enforcement responsibilities as possible to the Cloud while minimizing the information exposure risks due to colluding Usrs and Cloud. A key problem in this regard is how to decompose ACPs so that the Owner has to handle a minimum number of attribute conditions while hiding the content from the Cloud.

THANK YOU