Big Data Authentication Protocol with Hierarchical Attribute-Based Encryption and Authorization Structure

Authors

  • SE Tuase Dept. of Computer Science, Rivers State University, Port Harcourt, Nigeria
  • D Matthias Dept. of Computer Science, Rivers State University, Port Harcourt, Nigeria
  • ND Nwiabu Dept. of Computer Science, Rivers State University, Port Harcourt, Nigeria

DOI:

https://doi.org/10.26438/ijcse/v8i7.1931

Keywords:

Big Data, Cloud Computing, Authentication Protocol, Hierarchical Attribute Set Based Encryption, Ciphertext Policy Attribute Based Encryption, Elliptic Curve Cryptography, Diffie Hellman, ECDH, AES

Abstract

The term big data arose with the explosive increase of global data, as a technology able to store and process large and varied volumes of data, providing both enterprises and science with deep insights over its clients’ experiments. Big Data provides a reliable, fault-tolerant, available and scalable environment to harbor big data distributed management systems thus provide a need store our data at cloud providers plaion and authorization structure of cloud big data access control system that will authenticate authorities or users. Our proposed protocol resorts to a tree-based signature to significantly improve the security of attribute authorization, thus giving the data owner a level of security on the data that requires at least two levels of attributes to be satisfied before big data can be accessed. To satisfy big data requirements, we propose an authentication protocol that supports two levels of hierarchical attribute-based encryption and authorization structure, using a combination of the Advanced Encryption Standard (AES) and elliptic curve cryptography combined with the hardness of the Diffie Hellman theorem (ECDH). Data and file access control encryption has often been implemented with the RSA and DSA protocols, which come with their own attendant problems, such as computational overhead cost, time sequence for both encryption and decryption key, and encryption key bit length, which also culminate in longer process execution time. We propose a protocol for authentication and key exchange using AES (Advanced Encryption Standard) and ECDH (Elliptic Curve Diffie Hellman) that helps to resist forgery and replay attacks, with short key bit lengths that enable lower bandwidth utilization and availability on both mobile and desktop computing, with robust security based on the hardness of the Diffie Hellman and elliptic curve cryptography algorithms.
In addition, we propose a protocol that helps preserve entities' privacy. Our protocol's performance is far better than that of existing protocols: it enables lower power consumption and low bandwidth consumption, as its key length has fewer bits than the key lengths of other protocols.

Published

2020-07-31

How to Cite

[1]
S. Tuase, D. Matthias, and N. Nwiabu, “Big Data Authentication Protocol with Hierarchical Attribute-Based Encryption and Authorization Structure”, Int. J. Comp. Sci. Eng., vol. 8, no. 7, pp. 19–31, Jul. 2020.

Section

Research Article