Transcript [130429_KTH

DACC: Distributed Access Control in
Clouds
2011 IEEE TrustCom-11
Sushmita Ruj
Amiya Nayak and Ivan Stojmenovic
2013.04.29
Regular Seminar
Tae Hoon Kim
Contents
1. Introduction
2. Related work
3. Background
A. Model and assumptions
B. Formats of access policies
C. Mathmatical background
D. Lewko-Waters ABE Scheme
4. Proposed scheme: DACC
5. Security of DACC
6. Performance
7. Conclusion and Future work
2 /21
Introduction
 Cloud


is emerging technology
User only require a terminal, a smart phone, table connected
internet
User can rent the storage, computing resources of a server
provided by a company
 Application

services
e.g) Google Apps, Microsoft online
 Infrastructural

support
e.g)Amazon’s EC2, Eucalyptus, Nimbus
 Platform

e.g)Amazon’s S3, Windows Azure
3 /21
Introduction
 Two

important to preserve
security of data
 In

cloud, Users trying to access data
privacy of users
 Only

 User

services are authorized user
Using public key cryptographic techniques
should ensure that
The cloud is not tampering with user’s data and
computational results
4 /21
Introduction
 Method
of not tampering user data &
computational results

Hide the data from the clouds

Use of homomorphic encryption techniques[9][10]

Code obfuscation[11]
 Important
problem : Anonymously search data
in Cloud(range, multidimensional, complex
queries)

Is achieved searchable encryption[12][13]
 Takes
keywords in encrypted form and return results
Without knowing the keyword or the retrieved records
5 /21
Introduction
 Consider
following scenarios

Patients store their medical records in cloud

Different users can access different data field

The same data fields might be accessed by a selective
group of people(authorized set)
 Example)the
patient’s medical history and drug administration
can be accessed by doctors and nurses, but not by hospital
management staff
 Access
Control : Granting access rights to
certain users and forbidding other users to
access data
6 /21
Introduction
 Method

of granting access
To attach list of all valid users to data
 problem
: 1. Each time the list has to be checked to see if
user is valid -> huge computation and storage cost

To encrypt data is by using public keys of valid users
 Problem
: 1. The same data then must be encrypted several
times -> may result in huge storage cost

ABE(Attribute Based Encryption) : owners encrypted
data with attributes that they possess and store the
information in the clouds
7 /21
Introduction
 KDC(Key

Distributed Center)
Users are given attributes and secret keys by KDC

Set of attributes are able to decrypt the information

E.g)(A, doctor, Key), (B, doctor, Key), (A, staff, Key) (A, patient, Key)
(C, doctor, Key)
 Earlier
work[17] : owners encrypt data with
attributes(Not requried KDC)

 In



Problem : increase the total number of secret keys given to
users->increases storage and communication overhead
this paper, proposes DACC is
Cloud has cipher text(unable to decrypt cipher text)
Owner decide on attributes that users should have and users
receive decryption keys
KDC distributes secret keys to user
8 /21
Related work
 Sahai

and Waters[19] ABE
A user has a set of attributes in addition to its unique
ID
 Shamir[20]

IBE(Identity-based-encryption)
Each user in IBE scheme has a unique identity
 Bethencourt

et al,. [21] Ciphertext-policy
Receiver has the access policy in the form of a tree,
with attributes as leaves and monotonic access
structure with AND, OR and other threshold gates.
9 /21
Related work
 KDC(attribute
authority) is assumed to be
honest

May not hold; a distributed system, authorities can
fail or be corrupt
 Chase[23]

multi-authority ABE
Distribute attribute, and secret keys to users
 Wang
et al[26],. Hierarchical access control
mechanism

Relies on Bethencoure et al[21], and Hierarchical IBE[27]
10 /21
Background
A. Model and assumptions


KDCs which may be even servers scattered in different
countries, that generate secret keys for the users
Assume that the cloud is honest but curious
11 /21
Background :
B. Format of access policies
 Two

format of access policies
Boolean functions of attribute
(
(a1 ∧ a2 ∧ a3) ∨ (a4 ∧ a5) ∧ (a6 ∨ a7) )

(a1, a2.. A7) : attributes
 Be
represented by access tree with attributes at the leaves
and AND and OR

Linear Secret Sharing Scheme(LSSS)
 Let
V[x] be parent’s vector,
 If node x = AND then the left child is (V[x]|1), and the right
child is (0,…-1).
 If x= OR then both children also have unchanged vector V[x]
∧∨
12 /21
Background : C. D.
 C.

Use bilinear pairings on elliptic curves
 D.

Mathematical background
Lewko-Waters ABE scheme
Consist of four steps
 1)System
Initialization
 2)Key and attribute distribution to users by KDCs
 3)Encryption of message by sender
 4)Decryption by receiver
∧∨
13 /21
Proposed Scheme:DACC
 A.




Sketch of DACC
1. Initially the parameters of the scheme and the size of
group are decided(232+1)
2. KDC Aj selects the set of attributes Lj
3. An owner Uu who wants to store information in
cloud, chooses a set of attributes Iu which are specific
to the data it wants to encrypt’
4. convert the access tree to a Matrix R
Aj = j번째 KDC, Lj = KDC Aj가 소유한 attribute의 잡합
I[j,u] Uu가 준 attribute의 집합
14 /21
Proposed Scheme:DACC
 An
Example; professional n/w

J1:Engineering, J2(CS Research), J3(Faculty positions)

P1:Canada P2:US
15 /21
Security of DACC, Performance

Security of DACC


Show that only authorized users can decrypt the data in clouds
Theorem : Our access control scheme is secure, collusion
resistant and allows access only to authorized users


Proof
Performance

Calculate the computation and communication overhead of
DACC scheme and DACC with revocation
16 /21
Conclusion
 In
 If


DACC, the cloud is assumed to be honest
not possible to satisfy, care should be taken
The authenticity of the data must be verified by the
user
hide the identity of the users and owners at the same
time provide their authentication
 Future

work
Hide the access structure from the cloud, by
scrambling the matrix in some way
17 /21
Thank you for listening my
presentation Q/A
18 /21
Appendix : Method
 Method
1 : One way to hide the data from
clouds
data
 Method
2 : Use of homomorphic encryption
techniques(4 generation)
data
Sends msg
Return result
: Homomorphicly
encrypted data
: Return encrypted
data
http://www2.readersnews.com/sub_read.html?uid=34467&section=sc1
19 /21
Appendix : Method
 Method
3 : Code obfuscation
Code
Provide result
 Method
4 : Searchable encryption
encrypted
data
: Obfuscation
: Return data
20 /21
Appendix : DACC
Matrix R
Cyper text
C1
Matrix R
3
C2
2
Owner
Uu
User n1
User n2
: Using SSH
• SSH:Secure Shell protocol
1
KDC
2
A2
Access tree
User n1
User n2
Iu
posses KDC of list
(HospitalA, doctor, SK 2,1),
(HospitalB, doctor, SK 2,2),
(HospitalA, Staff, SK2,3)
A2 of attribute set Lj
21 /21