A layered Cryptographic Approach for Hierarchical Distributed Access

Control over Cloud

Abstract:
Cloud computing is a new computing paradigm that attracted many computer users, business, and
government agencies. Cloud computing brought a lot of advantages especially in ubiquitous services
where everybody can access computer services through internet. With cloud computing, there is no
need of physical hardware or servers that will support the companys computer system, internet
services and networks. It will basically cut down the expenses of the company allotted for the
maintenance of the computer system. Along with the good benefits of Cloud Computing has to offer,
there are security problems which make users anxious about the safety, reliability and efficiency of
migrating to cloud computing. Here in this proposal we discuss various features of attribute based
access control mechanisms, suitable for cloud computing environment. We present distributed access
control architecture for multitenant and virtualized environments.
Problem identification:
Cloud computing is one of the emerging technologies. The cloud environment is a large open distributed
system. It is important to preserve the data, as well as, privacy of users. Along with the good benefits of
Cloud Computing has to offer, there are security problems which make users anxious about the safety,
reliability and efficiency of migrating to cloud computing. Access Control methods ensure that
authorized users access the data and the system.
Existing Approaches:
Several researchers have previously addressed access control issues for cloud computing. Daniel Nurmi
and his colleagues provided an authorization system to control the execution of virtual machines (VMs)
to ensure that only administrators and owners could access them. Stefan Berger and his colleagues
promoted an authorization model based on both role-based access control (RBAC) and security labels to
control access to shared data, VMs, and network resources. Jose Alcaraz Calero and his colleagues
presented a centralized authorization system that provides a federated path-based access control
mechanism. What distinguishes our work is that we present an architecture that can be implemented
using an XML-based formalism.
Motivation:
In order to realize scalable, flexible, and fine-grained access control of outsourced data in cloud
computing, Zhiguo Wan wet al proposed hierarchical attribute-set-based encryption (HASBE) by
extending cipher text policy attribute set based encryption (ASBE) with a hierarchical structure of users.
The proposed scheme not only achieves scalability due to its hierarchical structure, but also inherits
flexibility and fine-grained access control in supporting compound attributes of ASBE. In addition, HASBE
employs multiple value assignments for access expiration time to deal with user revocation more
efficiently than existing schemes.
Proposed Approach:
With the motivation gained from the HASBE, here we propose distributed access control architecture for
multitenant and virtualized environments. The design of this architecture is based on the principles from
security management and software engineering. From a security management perspective, the goal is to
meet cloud users access control requirements. From a software engineering perspective, the goal is to
generate detailed specifications of such requirements.
Software Requirements:
OS: Any OS with JRE
Language: JAVA SE
IDE: Netbeans
Build Tool: ANT
Java RMI Mechanism
Hardware Requirements:
1 GB RAM
80 GB Hard Disk
Pentium 4 Compatibility