SecRBAC: Secure Data in Clouds
Abstract
Most current security solutions are based on perimeter security. However, Cloud computing breaks the organization perimeters. When data resides in the Cloud, it resides outside the organizational bounds. This leads users to a loss of control over their data and raises reasonable security concerns that slow down the adoption of Cloud computing. Is the Cloud service provider accessing the data? Is it legitimately applying the access control policy defined by the user? This paper presents a data-centric access control solution with enriched role-based expressiveness in which security is focused on protecting user data regardless of the Cloud service provider that holds it. Novel identity-based and proxy re-encryption techniques are used to protect the authorization model. Data is encrypted and authorization rules are cryptographically protected to preserve user data against service provider access or misbehavior. The authorization model provides high expressiveness with role hierarchy and resource hierarchy support. The solution takes advantage of the logic formalism provided by Semantic Web technologies, which enables advanced rule management like semantic conflict detection. A proof of concept implementation has been developed and a working prototypical deployment of the proposal has been integrated within Google services.
INTRODUCTION
Attribute-based Access Control (ABAC) is a model in which privileges are granted to users according to a set of attributes. There is a long-standing debate in the IT community about whether Role-based Access Control (RBAC) or ABAC is a better model for authorization. Without entering into this debate, both approaches have their own pros and cons.
The main contributions of the proposed solution are:
- Data-centric solution in which data is protected so that the Cloud Service Provider (CSP) is unable to access it.
- Rule-based approach for authorization where rules are under the control of the data owner.
- High expressiveness for authorization rules applying the RBAC scheme with role hierarchy and resource hierarchy (Hierarchical RBAC or hRBAC).
- Access control computation delegated to the CSP, which is nevertheless unable to grant access to unauthorized parties.
- Secure key distribution mechanism and PKI compatibility for using standard X.509 certificates and keys.
EXISTING SYSTEM
The data centers used by cloud providers may also be subject to compliance requirements. Using a cloud service provider (CSP) can lead to additional security concerns around data jurisdiction since customer or tenant data may not remain on the same system, or in the same data center or even within the same provider's cloud.
Searchable Encryption (SE) is a cryptographic primitive which offers secure search functions over encrypted data. In order to improve search efficiency, an SE solution generally builds keyword indexes to securely perform user queries. Existing SE schemes can be classified into two categories: SE based on secret-key cryptography and SE based on public-key cryptography.
Except for two of the surveyed schemes, all others use attribute-based encryption (ABE). One of the exceptions uses a symmetric-key approach and does not support authentication.
To overcome the aforementioned issues, several proposals try to provide data-centric solutions based on novel cryptographic mechanisms applying Attribute-based Encryption (ABE) [5]. These solutions are based on Attribute-based Access Control (ABAC), in which privileges are granted to users according to a set of attributes.
PROPOSED SYSTEM
The proposed authorization solution provides a rule-based approach following the RBAC scheme, where roles are used to ease the management of access to the resources.
In the proposed SecRBAC solution, data encryption is used to prevent the CSP from accessing the data or releasing it while bypassing the authorization mechanism. The aforementioned ABE-based solutions proposed for solving access control in Cloud computing are based on the Attribute-based Access Control (ABAC) model.
Additionally, the proposed solution provides support for the ontological representation of the authorization model, providing additional reasoning mechanisms to cope with issues such as the detection of conflicts between different authorization rules.
The proposed solution is not tied to any PRE scheme or implementation. For the purpose of providing a comprehensive and feasible solution, the rest of this paper is based on the Identity-Based Proxy Re-Encryption (IBPRE) approach and notation.
A data-centric authorization solution has been proposed for the secure protection of data in the Cloud. SecRBAC allows managing authorization following a rule-based approach and provides enriched role-based expressiveness including role and object hierarchies.
IMPLEMENTATION
Implementation is the stage of the project when the theoretical design is turned into a working system. Thus it can be considered the easiest stage in achieving a successful new system and in giving the user confidence that the new system will work and be effective.
The implementation stage involves careful planning, investigation of the existing system and its constraints on implementation, and the design of methods that make the user's work easy.
MODULES
1. Proxy Re-Encryption and Identity-Based Encryption
SecRBAC makes use of cryptography to protect data when moved to the Cloud. Advanced cryptographic techniques are used to protect the authorization model in order to prevent the CSP from disclosing data without the data owner's consent. Concretely, the solution is based on Proxy Re-Encryption (PRE). A PRE scheme is a cryptographic scheme that enables an entity called a proxy to re-encrypt data from one key to another without being able to decrypt it.
The following set of features is required of the Proxy Re-Encryption scheme used for the proposal in this paper:
- Unidirectionality. A unidirectional scheme enables the generation of a re-encryption key rk_{α→β} without allowing re-encryption from β to α.
- Non-interactivity. A non-interactive scheme enables a user u_α to construct a re-encryption key rk_{α→β} without the participation of u_β or any other entity.
- Multi-use. A multi-use scheme enables the proxy to perform multiple re-encryption operations on a single ciphertext, that is, to re-encrypt from u_α to u_β, from u_β to u_γ, and so on.
The master public key is publicly known and can be directly employed by users to generate the public key of another user based on his identity. In turn, the master private key should be kept private, and users can obtain their private keys from a trusted entity that owns the master private key. This entity is called the Private Key Generator (PKG).
The following set of functions is provided by IBPRE. It constitutes the cryptographic primitives for the proposal:
setup(p, k) → (p, msk) (1)
keygen(p, msk, id_α) → sk_α (2)
encrypt(p, id_α, m) → c_α (3)
rkgen(p, sk_α, id_α, id_β) → rk_{α→β} (4)
reencrypt(p, rk_{α→β}, c_α) → c_β (5)
decrypt(p, sk_α, c_α) → m (6)
Details about the cryptographic operations performed by these functions can be found in the referenced IBPRE literature. A brief description of each function follows. setup (1) initializes the cryptographic scheme. keygen (2) is run by the holder of the master secret key (the PKG) to derive the secret key sk_α of identity id_α. encrypt (3) encrypts a message m for identity id_α. rkgen (4) lets the owner of sk_α create the re-encryption key rk_{α→β} without involving u_β. reencrypt (5) is executed by the proxy to transform c_α into c_β without learning m. decrypt (6) recovers m from c_α using sk_α.
2. Authorization Model with Enriched Role-based Expressiveness
The management of access control and security can become a difficult and error-prone task in distributed systems like Cloud computing. Authorization models providing high expressiveness can help to control and manage security and to deal with this complexity. They aid administrators by enabling the specification of high-level access control rules that are automatically interpreted by the system so that it behaves as defined by the administrator. Role-Based Access Control (RBAC) is an authorization scheme supported by most current authorization solutions.
This authorization model can be extended to hierarchical RBAC (hRBAC). Hierarchical RBAC enables the definition of role hierarchies. These hierarchies establish privilege inheritance between roles, making a child role inherit all the privileges defined for its parent roles in the hierarchy. The major motivation for adding role hierarchies to RBAC is to simplify role management.
3. Self-Protected Authorization Model for Data-Centric Security
The authorization model presented in Section 4 determines the privileges that are granted to subjects. It should be evaluated by the Cloud Service Provider upon an access request in order to decide whether such a request is permitted or not. However, if data is not cryptographically protected then the CSP could potentially access the data for its own benefit. Moreover, the data owner would have to trust the CSP to legitimately evaluate the model and enforce the authorization decision. If the authorization rules are not cryptographically protected then they can be overridden by the CSP, making it able to access the data or to release it to any third party.
3.1 Protecting the authorization model
In a data-centric security approach, data should be encrypted to avoid undesired access. Then, the access control mechanism should control who will be able to decrypt the data and get access to its content.
3.2 Representation and evaluation
This information is used to construct the path and, consequently, the re-encryption chain. Since the ontology is a direct representation of the sets and relations of the protected authorization model, the derivations made by the reasoner also map directly to the original sets and relations.
4. Data-Centric Solution for Data Protection in the Cloud
An architecture is also proposed for deployment within a CSP. This architecture takes into consideration the different elements that should be deployed in order to give an overview of how access to protected data is performed in this approach.
When moving data to the Cloud, a self-protected package is generated by the data owner. This package contains the encrypted data objects, the authorization rules and the corresponding re-encryption keys.
Data objects are encrypted before uploading them to the Cloud in order to prevent the CSP from accessing them. This is done by data owners using the encrypt() function: data should be encrypted using the identity id_o1 of the object o1 being uploaded. A digital envelope approach can be applied to protect data objects instead of direct encryption.
Authorization rules are defined by the data owner and directly mapped into the authorization model. This is done by including the corresponding elements in the binary relations.
The following conditions should hold to securely protect data in the Cloud with SecRBAC:
- The CSP should not be able to access the MSK.
- The CSP should not be able to access the secret keys of authorization elements.
- If a PKG is used, it should be guaranteed that it does not collude with the CSP.
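As an added illustration (not the paper's or the prototype's code), the following Python models the self-protected package of this section together with the path evaluation of Section 3.2 and the hRBAC inheritance of Section 2: every relation of the model (object hierarchy, permission, role hierarchy, user assignment) carries one re-encryption key, and the CSP can only serve a request by finding a chain of those keys from the object identity to the user identity and applying them multi-use. The IBPRE functions (1)-(6) are replaced by a simulated interface that tracks identities but gives no real confidentiality; the rule direction (object → parent object → role → child role → user) and all names (o_report, Engineer, alice, ...) are assumptions made for the example.

```python
from collections import deque
# Simulated IBPRE primitives (1)-(6): a ciphertext is (identity, payload) and the
# payload is NOT really encrypted, so only the re-encryption-chain logic is real.
def keygen(msk, identity): return ("sk", msk, identity)     # (2) by the PKG / owner
def encrypt(identity, message): return (identity, message)  # (3) bound to one id
def rkgen(sk, src, dst):                   # (4) non-interactive: needs only sk_src
    assert sk[2] == src, "rkgen needs the secret key of the source identity"
    return ("rk", src, dst)                # unidirectional token: src -> dst only
def reencrypt(rk, c):                      # (5) proxy step, plaintext never exposed
    if c[0] != rk[1]: raise ValueError("rk does not match the ciphertext identity")
    return (rk[2], c[1])
def decrypt(sk, c):                        # (6) only the addressed identity's key
    if sk[2] != c[0]: raise PermissionError("not addressed to this identity")
    return c[1]

def build_package(msk, rules, objects):
    """Data owner: each object encrypted under its own identity plus one rk per rule."""
    rks = {(s, d): rkgen(keygen(msk, s), s, d) for s, d in rules}
    return {"data": {o: encrypt(o, m) for o, m in objects.items()}, "rks": rks}

def find_chain(rks, obj, user):
    """CSP: BFS from object to user over rk edges; hierarchies are just more edges."""
    prev, queue = {obj: None}, deque([obj])
    while queue:
        cur = queue.popleft()
        if cur == user:                    # walk back to collect the rk chain
            chain = []
            while prev[cur] is not None:
                chain.append(rks[(prev[cur], cur)]); cur = prev[cur]
            return chain[::-1]
        for s, d in rks:
            if s == cur and d not in prev:
                prev[d] = cur; queue.append(d)
    return None                            # no rule path: nothing can be re-encrypted

def access(package, obj, user):
    """CSP evaluates the request and applies the multi-use re-encryption chain."""
    chain = find_chain(package["rks"], obj, user)
    if chain is None:
        return None
    c = package["data"][obj]
    for rk in chain:
        c = reencrypt(rk, c)               # each step needs the matching rk
    return c                               # decryptable only with sk_user

# Constructed sample (assumed rule direction): object hierarchy, permission, role
# hierarchy and user assignment, each becoming one rk edge in the package.
RULES = [("o_report", "o_project"), ("o_project", "Engineer"),  # child object; permission
         ("Engineer", "Lead"), ("Lead", "alice"), ("Engineer", "bob")]  # inheritance; users
PKG = build_package("msk", RULES, {"o_report": "Q3 figures", "o_project": "plan"})
```

Because every edge is a one-way token, `find_chain` from a user identity back towards an object finds nothing, which is the unidirectionality requirement seen from the CSP's side.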
System Configuration
H/W System Configuration:
Processor - Pentium III
Speed - 1.1 GHz
RAM - 256 MB (min)
Hard Disk - 20 GB
Floppy Drive - 1.44 MB
Keyboard - Standard Windows Keyboard
Mouse - Two or Three Button Mouse
Monitor - SVGA
S/W System Configuration:
Operating System : Windows 95/98/2000/XP
Application Server : Tomcat 5.0/6.x
Front End : HTML, Java, JSP
Scripts : JavaScript
Server-side Script : Java Server Pages
Database : MySQL
Database Connectivity : JDBC
CONCLUSION
In SecRBAC, access control computations are delegated to the CSP, which is not only unable to access the data but also unable to release it to unauthorized parties. Advanced cryptographic techniques have been applied to protect the authorization model. A re-encryption key complements each authorization rule as a cryptographic token to protect data against CSP misbehavior. The solution is independent of any PRE scheme or implementation as long as three specific features are supported. A concrete IBPRE scheme has been used in this paper in order to provide a comprehensive and feasible solution.
A proposal based on Semantic Web technologies has been presented for the representation and evaluation of the authorization model. It makes use of the semantic features of ontologies and the computational capabilities of reasoners to specify and evaluate the model. This also enables the application of advanced techniques such as conflict detection and resolution methods. Guidelines for deployment in a Cloud Service Provider have also been given, including a hybrid approach compatible with Public Key Cryptography that enables the usage of standard PKI for key management and distribution. A prototypical implementation of the proposal has also been developed and presented in this paper, together with some experimental results.
Future lines of research include the analysis of novel cryptographic techniques that could enable the secure modification and deletion of data in the Cloud. This would allow the privileges of the authorization model to be extended with more actions such as modify and delete.
Another interesting point is the obfuscation of the authorization model for privacy reasons. Although the usage of pseudonyms is proposed, more advanced obfuscation techniques could be researched to achieve a higher level of privacy.