A Layered Cryptographic Approach for Hierarchical Distributed Access Control over Cloud

Abstract: Cloud computing is a new computing paradigm that has attracted many computer users, businesses, and government agencies. Cloud computing has brought many advantages, especially in ubiquitous services where everybody can access computer services through the internet. With cloud computing, there is no need for physical hardware or servers to support the company's computer system, internet services and networks. It cuts down the company's expenses allotted for the maintenance of the computer system. Along with the benefits that cloud computing has to offer, there are security problems which make users anxious about the safety, reliability and efficiency of migrating to cloud computing. In this proposal we discuss various features of attribute-based access control mechanisms suitable for a cloud computing environment. We present a distributed access control architecture for multitenant and virtualized environments.

Problem identification: Cloud computing is one of the emerging technologies. The cloud environment is a large, open distributed system. It is important to preserve the data as well as the privacy of users. Along with the benefits that cloud computing has to offer, there are security problems which make users anxious about the safety, reliability and efficiency of migrating to cloud computing. Access control methods ensure that only authorized users access the data and the system.

Existing Approaches: Several researchers have previously addressed access control issues for cloud computing. Daniel Nurmi and his colleagues provided an authorization system to control the execution of virtual machines (VMs) to ensure that only administrators and owners could access them. Stefan Berger and his colleagues promoted an authorization model based on both role-based access control (RBAC) and security labels to control access to shared data, VMs, and network resources.
Jose Alcaraz Calero and his colleagues presented a centralized authorization system that provides a federated path-based access control mechanism. What distinguishes our work is that we present an architecture that can be implemented using an XML-based formalism.

Motivation: In order to realize scalable, flexible, and fine-grained access control of outsourced data in cloud computing, Zhiguo Wan et al. proposed hierarchical attribute-set-based encryption (HASBE) by extending ciphertext-policy attribute-set-based encryption (ASBE) with a hierarchical structure of users. The proposed scheme not only achieves scalability due to its hierarchical structure, but also inherits flexibility and fine-grained access control in supporting the compound attributes of ASBE. In addition, HASBE employs multiple value assignments for access expiration time to deal with user revocation more efficiently than existing schemes.

Proposed Approach: With the motivation gained from HASBE, we propose a distributed access control architecture for multitenant and virtualized environments. The design of this architecture is based on principles from security management and software engineering. From a security management perspective, the goal is to meet cloud users' access control requirements. From a software engineering perspective, the goal is to generate detailed specifications of such requirements.

Software Requirements:
OS: Any OS with JRE
Language: Java SE
IDE: NetBeans
Build Tool: ANT
Java RMI Mechanism

Hardware Requirements:
1 GB RAM
80 GB Hard Disk
Pentium 4 Compatibility
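
The three HASBE properties named under Motivation (a hierarchy of authorities, compound attributes, and revocation through an access expiration time) can be seen in a plaintext model of the access decision. This is an added example, not code from the proposal or from the HASBE authors, and it performs no encryption. The names Authority, AttrSet, satisfies and can_access, the sample attributes, and the rules that a child authority is capped by its parent and that attributes from different sets are never combined are assumptions made for the model.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AttrSet:                  # one compound attribute: attributes issued together
    attrs: frozenset
    expires: int                # access expiration time (epoch seconds)

@dataclass(frozen=True)
class Authority:                # node in the hierarchy: trusted or domain authority
    name: str
    scope: frozenset            # attributes this authority may hand out
    expires: int

    def delegate(self, name, scope, expires):
        """Create a child authority; it can never exceed its parent (assumed rule)."""
        scope = frozenset(scope)
        if not scope <= self.scope:
            raise PermissionError(f"{name}: scope exceeds that of {self.name}")
        return Authority(name, scope, min(expires, self.expires))

    def issue(self, attrs, expires):
        """Issue one attribute set to a user, capped by this authority's expiry."""
        attrs = frozenset(attrs)
        if not attrs <= self.scope:
            raise PermissionError(f"{self.name} does not administer these attributes")
        return AttrSet(attrs, min(expires, self.expires))

def satisfies(policy, attrs):
    """policy is an attribute string or (k, [children]), meaning k-of-n."""
    if isinstance(policy, str):
        return policy in attrs
    k, children = policy
    return sum(satisfies(c, attrs) for c in children) >= k

def can_access(policy, key, now):
    """Grant only if ONE unexpired attribute set satisfies the whole policy."""
    return any(s.expires > now and satisfies(policy, s.attrs) for s in key)

# Constructed sample data (hypothetical names and times, not from the page).
ROOT = Authority("trusted-authority", frozenset(
    {"role:doctor", "role:nurse", "dept:cardio", "dept:onco"}), 2000)
CARDIO = ROOT.delegate("cardio-domain",
                       {"role:doctor", "role:nurse", "dept:cardio"}, 1500)
POLICY = (2, ["role:doctor", "dept:cardio"])        # doctor AND cardio
ALICE = [CARDIO.issue({"role:doctor", "dept:cardio"}, 1200)]
# Bob is a cardio nurse and an oncology doctor: two separate attribute sets.
BOB = [CARDIO.issue({"role:nurse", "dept:cardio"}, 1200),
       ROOT.issue({"role:doctor", "dept:onco"}, 1200)]
```

Bob holds both "role:doctor" and "dept:cardio", but in different sets, so the model denies him; Alice is revoked simply by the clock passing her set's expiry, with no re-keying of other users.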