Federated Cloud Computing Security using
Forward-Secure Broadcast Encryption HIBE
Dept. of Computer and Information Sciences
Institute of Statistical Studies and Research
A. A. Abd El-Aziz2, Mahmood A. Mahmood3, Hesham A. Hefny4
Dept. of Computer Science
And Information Sciences
Abstract In recent years, many countries, companies, and research groups have launched their own cloud systems. Due to security issues, there is a limitation for a single-provider of a cloud to cooperate with other cloud systems to maximize the function of available resources. In addition, each cloud computing system provides a digital identity for a user. Hence, a user has many digital identities for difference clouds. Therefore, in hybrid cloud the user has many digital identities. The broadcast media market is discovering the business advantages in using a cloud system in its communication. In cloud computing environments, we propose federated layered broadcast cloud security architecture guarantee efficiency and secure authenticated of multiple broadcasters. However, each broadcaster can be dynamically broadcast messages into an authorized group of receivers. In this paper, we combine a federated identity management mechanism and a forward secure broadcast encryption scheme using HIBE to have a unique digital identity for a user, which will handle all the above problems. Moreover, the key distribution and the mutual authentication problems will be handled.
Keywords- Cloud computing, Federal Identity Management, Security, Broadcast Encryption, The Federated Broadcast Cloud System,FBCS.
Cloud computing is a model for enabling ubiquitous, convenient and on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) . Security is one of the important issues  a cloud computing. Cloud systems provide serveries are SaaS (Software as a Service), PaaS (Platform as a Service) and PaaS (Platform as a Service), also cloud computing provide deployment Models are  Private cloud,
In the cloud computing environments, it should be ensured that: there are efficient and secure authenticated broadcasting technologies for all users and servers. In addition, it should be ensured that resources and data are not permitted to any attacker. Recent compromises of users and server machines at cloud providers have resulted in the need for efficient and secure authenticated broadcasting technologies based authentication.
The main idea of a broadcasting cryptosystem is to establish a secure communication channel from a sender to an authorized group of receivers [31–37]. The broadcast media market is discovering the business advantages in using a cloud system in its communication .
The problem of a broadcast is at the heart of a growing number of applications, such as a secure distribution of copyright-protected application. In broadcast, operation of revocation, Subset diﬀerence (SD), is an eﬃcient method that allows revoking a dynamic group changing .
Forward secrecy if compromise of long-term keys does not compromise past session keys. Since November 2013, twitter provided forward secrecy with TLS to its users , Also Google provided forward secrecy with TLS to users of its Gmail service, Google Docs service, and encrypted search services .
The security issues restrict a single-provider of a cloud to cooperate with other cloud systems in order to maximize the function of available resources . Moreover, the services which are provided by cloud systems cause many problems.
A hybrid cloud consists of multiple service providers. Such as, an enterprise, which has a private cloud, may want to burst workloads to a public cloud vendor. Enterprise’s users will end the accessing of many applications on a hybrid cloud computing environments. The hybrid cloud goes beyond the boundary of the enterprise data center. The Enterprise’s users typically use access management to integrate applications in diﬀerent domains to an application portal, so that the end user can access applications without re-authentication. , hence, there is a security problem in a key distribution and mutual authentication [17 and 18]. Due to the above, the federation identity management is a useful technology in a cloud computing.
The identity-based encryption (IBE)  scheme allows the use of a public identifier of a user as the user’s public key.
In this paper, we propose a layered security architecture, which provides a secure trust transmission mechanism among cloud systems.
II Related Work
As the widely used authentication protocols in the cloud system, OpenID V2.0 is mainly an authentication protocol and federation is achieved with extensions, allows attribute exchange. OpenID V2.0 is vulnerable to phishing, identity provider masquerade and denial-of-service attacks [22, 23]. Kerberos V5  and OpenID V2.0  still have some security vulnerabilities: Kerberos V5 cannot resist password-guessing attacks due to the poor passwords set by network users [19, 21]; although Kerberos V5 has timestamps, but it are supposed to prevent replay attacks, the security of timestamps relies on the network time protocols and the ticket lifetimes, so it is still not robust enough.
A Identity-Based Cryptography
A Public Key Infrastructure (PKI) is the most common system using a trusted third-party for identity authentication, where a Certificate Authority (CA) serves as the trusted third-party to generate the public key certificate for the entity. The PKI scheme is very complicated, when an authentication process in use. Furthermore, if the entity cannot establish communication with CA, the mutual authentication mechanism becomes completely ineffective.
Therefor to solve these problems, there are practical constructions of IBC scheme which has been widely used . In 1984, an identity-based cryptography and signature schemes were proposed by Shamir . Hence, many schemes have been proposed including many identity-based signature schemes [7, 9, 11, 6, 3, 10, 4, 5, and 8].
The identity-based cryptography depends on a user’s identity that uniquely identifies that user. A user identity is used as a public key for an encryption and signature verification. In this scheme, a Private Key Generator (PKG) serves as a trusted third party to generate public keys and the corresponding private keys.
The identity-based cryptography can ease the key management complexity; public keys are distributed without encryption to others. Moreover, encryption and decryption can be carried out offline without the key generation center. To improve the scalability of traditional identity-based cryptography scheme, hierarchical identity-based cryptography (HIBC) has been proposed in [12 and 13].
In  HIDE schemes depended on the bilinear mapping between groups. Private Key generator (PKG) generates private keys for lower level PKGs, PKG delegate private key generation and identity authentication to lower-level PKGs, who in turn generate private keys for users in the next levels.
Fs-HIBE scheme  is satisfying the requirements of the Forward secure technique which are as follows: users join dynamically, encryption is joining-time-oblivious, and users evolve private keys autonomously.
B. forward-secure hierarchical identity based encryption Fs-HIBE
Fs-HIBE  based on an idea which is the compromise of long-term keys and does not compromise past session keys, so that protected past communications. Fs-HIBE takes system properties, such as scalability and efficiency. An fs-HIBE scheme includes the following algorithms: Root Setup, Lower-level Setup, Update, Encrypt, and Decrypt:
1-Root Setup: root PKG will generate the parameters and an initial root key which contains a future secret. The system parameters are public, while only the root PKG knows the initial root key.
2-Lower-level Setup: at time t, compute the child’s private key which joins the system at level L. Its parent at level L − 1 computes the key of an entity associated with a time period t. The inputs are the private key of parent, time t, and the ID-tuple of the child. This lower-level secret will be used to generate private keys for the users in its domain.
3-Update: during the time period t, each user update his or her private keys periodically, while the public key is similar at all time periods.
4-Encrypt: a user who wants to encrypt a message M can use parameters, the index t of the current time period, M message and the ID-tuple of the intended message receiver, and he computes a cipher text C as follows
C = Encrypt (params, i, (ID1. . . IDh),M)
5-Decrypt: receiving a cipher text during the time period t, a user with the ID-tuple (ID1, ..., IDh) inputs params, C ∈ C, and his/her private key associated with the time period t and the ID-tuple, and returns the message M ∈ M.
M =Decrypt (params,SKi,h,C)
C Forward-Secure Broadcast Encryption Scheme
A broadcast encryption Scheme allows the sender to securely distribute data to a dynamically changing set of users over an insecure channel.
The main idea of the Subset-Cover framework  is deﬁning a family F of subsets of the universe of users in the system. Moreover, each subset owns a key, which is available to all users belonging to the given subset. To broadcast a message to the users except those in some sets of revocation users R, ﬁrstly a provider covers the set of privileged users using subsets from the family F. This is done by identifying a partition of ϵ \ R, where all the subsets are elements of F. Then, the provider encrypts the message for all the subsets in that partition. To decrypt, a user u ∉ R ﬁrst identiﬁes the subset in the partition of ϵ \ R to which he belongs, and then recovers private keys of from his secret information. The subsets are organized into groups, and a private key, groupkey, is owned to each of these groups. Such an organization of the subsets of the family F produces a hierarchy, in which the leaves are elements of F and each internal node corresponds to a group of subsets. The complete explanation of the algorithm is found in .
D IBC-Based Authentication for Cloud computing
In recent years, some researches based on HIBE scheme proposed an identity based hierarchical key deployment model for encryption and authentication in cloud computing. Li et al.  proposed a hierarchical architecture for cloud computing and a TLS-analogous authentication protocol. In 2010, Huang et al.  gave HIBE-based cloud system architecture by taking into consideration of the failures of PKGs. Their work does not address the authentication problem in the federated cloud system. Yan et al.  adopted federated identity together with the HIBC scheme to implement federated identity management, key management and authentication among different types of clouds, such as public, private, and hybrid clouds. Their scheme using a secret session key without key exchange and transfer encrypted data to verification. Their systems did not address revocation issue. We need revocation functionality when a secret key is corrupted by hacking or the period of a contract expires. Antonio Celesti, et al.  proposed a new strategy to implement fast delivery of data in federated Cloud environments. Their proposed system used of satellite systems.
From all proviruses work, theirs protocols may be highly vulnerable to a side-channel attacks on the stored keys, because their protocols do not evolve a forward-secure mechanism which is important to guarantee the privacy of past transactions if the long-term key or current session keys are compromised.
III. Federated Broadcast Cloud System (FBCS)
A. System Architecture
In this paper, we propose a new idea about FBCS. According to fs-BE HIBE scheme . The layered cloud security architecture is illustrated in Fig.1; we establish a unified root Global Private Key Generator Broadcast (GPKGB) in FBCS to provide a trust service for different clouds such as the private cloud, the public cloud, and the community cloud. The GPKGB is responsible for managing top-level Broadcast Private Key Generator (BPKG) authorities in the system that allocates hierarchical identities to users in their domains. Those clouds are the first level, and users in those clouds are leaves in that hierarchical. Moreover, each cloud is a self-contained, and its domain with an independent BPKG responsible for certificating cloud entities in its own domain.
Fig1. The Federated Broadcast Cloud System (FBCS)
For the FBCS architecture depicted in Fig. 1, we give the following definitions:
Definition 1. Federated Broadcast Cloud System (FBCS). FBCS Divide the federated cloud system into multiple broadcast clouds. FBCS establish a unified root Global Private Key Generator Broadcast (GPKGB) that is consists of a cloud identity and global broadcast could. Each broadcast cloud consists of a cloud provider and broadcast could.
Definition 2. Home Broadcast Cloud Security Domain (HBCSD). The security domain in which the broadcast cloud entity registered is called the home broadcast cloud domain of the entity.
Definition 3. Routing Broadcast Cloud Security Domain (RBCSD). The non-home security domain accessed by the cloud entity in another security domain is called the routing security domain.
In our federated broadcast cloud system with a broadcast encryption scheme, affiance solution to counter identity spoofing; the data are securely distributed to a dynamically changing set of users over an insecure channel. Moreover, using a forward secure, it enables the system to protect the date from unauthorized access users. In addition using the forward secure prevent the compromise of a long-term secret key from affecting the confidentiality of past conversations, also the security is achieved by using the revocation in the future. Federated layered broadcast cloud security architecture addressed issue of multiple broadcasters’ authentication. However, each broadcaster can be dynamically broadcast messages into an authorized group of receivers.
B. Key Generation
Forward-Secure HIBE  constructions is based on HIBE scheme . The security of HIBC scheme is based on the diﬃculty of the bilinear Diﬃe-Hellman (BDH) problem .
Let G₁ and G₂ be two cyclic groups of some large prime order q. We write G₁ additively and G₂ multiplicatively. Our schemes make use of a bilinear pairing. Admissible pairings: following Boneh and Franklin , call ˆe admissible pairing if ê:G₁× G₂ → G₂ is a map with the following properties:
1. Bilinear: ê (aP, bQ) = ê (P, Q)ᵃᵇ for all P, Q ∈ G₁ and all a,b ∈ ℤ.
2. Non-degenerate: There exits P, Q ∈ G₁, such that
ê (P, Q) ≠1.
3. Computable: There is an eﬃcient algorithm to compute
ê (P, Q) for any P, Q ∈ G₁.
In the cloud we use GPKGB acts the global trusted authority to authenticate BPKGs in different domains. The root setup can be done as follows: