DACC: Distributed Access Control in Clouds 2011 IEEE TrustCom-11 Sushmita Ruj Amiya Nayak and Ivan Stojmenovic 2013.04.29 Regular Seminar Tae Hoon Kim Contents 1. Introduction 2. Related work 3. Background A. Model and assumptions B. Formats of access policies C. Mathmatical background D. Lewko-Waters ABE Scheme 4. Proposed scheme: DACC 5. Security of DACC 6. Performance 7. Conclusion and Future work 2 /21 Introduction Cloud is emerging technology User only require a terminal, a smart phone, table connected internet User can rent the storage, computing resources of a server provided by a company Application services e.g) Google Apps, Microsoft online Infrastructural support e.g)Amazon’s EC2, Eucalyptus, Nimbus Platform e.g)Amazon’s S3, Windows Azure 3 /21 Introduction Two important to preserve security of data In cloud, Users trying to access data privacy of users Only User services are authorized user Using public key cryptographic techniques should ensure that The cloud is not tampering with user’s data and computational results 4 /21 Introduction Method of not tampering user data & computational results Hide the data from the clouds Use of homomorphic encryption techniques[9][10] Code obfuscation[11] Important problem : Anonymously search data in Cloud(range, multidimensional, complex queries) Is achieved searchable encryption[12][13] Takes keywords in encrypted form and return results Without knowing the keyword or the retrieved records 5 /21 Introduction Consider following scenarios Patients store their medical records in cloud Different users can access different data field The same data fields might be accessed by a selective group of people(authorized set) Example)the patient’s medical history and drug administration can be accessed by doctors and nurses, but not by hospital management staff Access Control : Granting access rights to certain users and forbidding other users to access data 6 /21 Introduction Method of granting access To attach list of all valid users to data problem : 1. Each time the list has to be checked to see if user is valid -> huge computation and storage cost To encrypt data is by using public keys of valid users Problem : 1. The same data then must be encrypted several times -> may result in huge storage cost ABE(Attribute Based Encryption) : owners encrypted data with attributes that they possess and store the information in the clouds 7 /21 Introduction KDC(Key Distributed Center) Users are given attributes and secret keys by KDC Set of attributes are able to decrypt the information E.g)(A, doctor, Key), (B, doctor, Key), (A, staff, Key) (A, patient, Key) (C, doctor, Key) Earlier work[17] : owners encrypt data with attributes(Not requried KDC) In Problem : increase the total number of secret keys given to users->increases storage and communication overhead this paper, proposes DACC is Cloud has cipher text(unable to decrypt cipher text) Owner decide on attributes that users should have and users receive decryption keys KDC distributes secret keys to user 8 /21 Related work Sahai and Waters[19] ABE A user has a set of attributes in addition to its unique ID Shamir[20] IBE(Identity-based-encryption) Each user in IBE scheme has a unique identity Bethencourt et al,. [21] Ciphertext-policy Receiver has the access policy in the form of a tree, with attributes as leaves and monotonic access structure with AND, OR and other threshold gates. 9 /21 Related work KDC(attribute authority) is assumed to be honest May not hold; a distributed system, authorities can fail or be corrupt Chase[23] multi-authority ABE Distribute attribute, and secret keys to users Wang et al[26],. Hierarchical access control mechanism Relies on Bethencoure et al[21], and Hierarchical IBE[27] 10 /21 Background A. Model and assumptions KDCs which may be even servers scattered in different countries, that generate secret keys for the users Assume that the cloud is honest but curious 11 /21 Background : B. Format of access policies Two format of access policies Boolean functions of attribute ( (a1 ∧ a2 ∧ a3) ∨ (a4 ∧ a5) ∧ (a6 ∨ a7) ) (a1, a2.. A7) : attributes Be represented by access tree with attributes at the leaves and AND and OR Linear Secret Sharing Scheme(LSSS) Let V[x] be parent’s vector, If node x = AND then the left child is (V[x]|1), and the right child is (0,…-1). If x= OR then both children also have unchanged vector V[x] ∧∨ 12 /21 Background : C. D. C. Use bilinear pairings on elliptic curves D. Mathematical background Lewko-Waters ABE scheme Consist of four steps 1)System Initialization 2)Key and attribute distribution to users by KDCs 3)Encryption of message by sender 4)Decryption by receiver ∧∨ 13 /21 Proposed Scheme:DACC A. Sketch of DACC 1. Initially the parameters of the scheme and the size of group are decided(232+1) 2. KDC Aj selects the set of attributes Lj 3. An owner Uu who wants to store information in cloud, chooses a set of attributes Iu which are specific to the data it wants to encrypt’ 4. convert the access tree to a Matrix R Aj = j번째 KDC, Lj = KDC Aj가 소유한 attribute의 잡합 I[j,u] Uu가 준 attribute의 집합 14 /21 Proposed Scheme:DACC An Example; professional n/w J1:Engineering, J2(CS Research), J3(Faculty positions) P1:Canada P2:US 15 /21 Security of DACC, Performance Security of DACC Show that only authorized users can decrypt the data in clouds Theorem : Our access control scheme is secure, collusion resistant and allows access only to authorized users Proof Performance Calculate the computation and communication overhead of DACC scheme and DACC with revocation 16 /21 Conclusion In If DACC, the cloud is assumed to be honest not possible to satisfy, care should be taken The authenticity of the data must be verified by the user hide the identity of the users and owners at the same time provide their authentication Future work Hide the access structure from the cloud, by scrambling the matrix in some way 17 /21 Thank you for listening my presentation Q/A 18 /21 Appendix : Method Method 1 : One way to hide the data from clouds data Method 2 : Use of homomorphic encryption techniques(4 generation) data Sends msg Return result : Homomorphicly encrypted data : Return encrypted data http://www2.readersnews.com/sub_read.html?uid=34467&section=sc1 19 /21 Appendix : Method Method 3 : Code obfuscation Code Provide result Method 4 : Searchable encryption encrypted data : Obfuscation : Return data 20 /21 Appendix : DACC Matrix R Cyper text C1 Matrix R 3 C2 2 Owner Uu User n1 User n2 : Using SSH • SSH:Secure Shell protocol 1 KDC 2 A2 Access tree User n1 User n2 Iu posses KDC of list (HospitalA, doctor, SK 2,1), (HospitalB, doctor, SK 2,2), (HospitalA, Staff, SK2,3) A2 of attribute set Lj 21 /21