TWO MECHANISM BASED DATA SECURITY PROTECTION FOR CLOUD STORAGE SYSTEM

Jayant Singh

M.Tech (Computer Science & Engineering), RKDF College of Engineering, Bhopal Sanjay Kumar Brahman

Dept. of Computer Science, RKDF College of Engineering, Bhopal 1 INTRODUCTION

CLOUD storage is a model of networked storage system where data is stored in pools of storage which are generally hosted by third parties. There are many benefits to use cloud storage. The most notable is data accessibility. Data stored in the cloud can be accessed at any time from any place as long as there is network access. Storage maintenance tasks, such as purchasing additional storage capacity, can be offloaded to the responsibility of a service provider. Another advantage of cloud storage is data sharing between users. If Alice wants to share a piece of data (e.g., a video) to Bob, it may be difficult for her to send it by email due to the size of data. Instead, Alice uploads the file to a cloud storage system so that Bob can download it at anytime.[2-5]

1.1 Limitation & Scope

There exists cryptographic primitive called

―leakage-resilient encryption‖.The security of the scheme is still guaranteed if the leakage of the secret key is up to certain bits such that the knowledge of these bits does not help to recover the whole secret key. However, though using leakage resilient primitive can safeguard the leakage of certain bits, there exists another practical limitation.

2 LITERATURE SURVEY

2.1 Public Key Replacement and Universal Forgery of SCLS Scheme [11]

Mingwu Zhang (2013)‖ Certificate less cryptography eliminates the need of certificates in the PKI and solves the inherent key escrow problem in the ID- based cryptography. Recently, Du and Wen proposed a short certificate less signature scheme (SCLS) without Map to Point hash function, and the signature size is short enough with only half of the DSA signature. In this paper, after the detailing the formal of certificate less signature scheme, we show that the Du- Wen’s short certificate less signature

scheme is insecure that is broken by a type-I adversary who has the ability in replacing users’ public keys and accessing to the signing oracles, and also cannot resist on the universal forgery attack for any third user.

Short certificate less signature is a useful cryptographic tool in the systems or devices with low bandwidth channel and/or low computation power, where it can prevent the malicious behaviour from malicious-but-passive KGC. Recently, Du and Wen proposed an efficient CLS scheme with shorter signature size and higher computation efficiency without Map to Point map function. In this paper we showed that the Du-Wen’s CLS scheme is universally forgeable for any third party and cannot resist on the type-I adversary under replacing public keys attacks. This result shows that it is possible insecure if it combines a standard deterministic signature scheme into a certificate less ones.

3 INTRODUCTION

The Systems Development Life Cycle (SDLC), or Software Development Life Cycle in systems engineering, information systems and software engineering, is the process of creating or altering systems, and the models and methodologies that people use to develop these systems. In software engineering the SDLC concept underpins many kinds of software development methodologies. These methodologies form the framework for planning and controlling the creation of an information system the software development process.

3.1 Existing Work

There exists cryptographic primitive called

―leakage-resilient encryption‖. The

security of the scheme is still guaranteed

if the leakage of the secret key is up to

certain bits such that the knowledge of

these bits does not help to recover the

whole secret key. However, though using

6

Vol. 06, Issue 05, May 2021 IMPACT FACTOR: 7.98 (INTERNATIONAL JOURNAL)

1 leakage resilient primitive can safeguard

the leakage of certain bits, there exists another practical limitation. Suppose we put part of the secret key into the security device. Unfortunately the device is stolen.

The user needs to obtain a replacement device so that he can continue to decrypt his corresponding secret key. The trivial way is to copy the same bits (as in the stolen device) to the new device by the private key generator (PKG). This approach can be easily achieved. Nevertheless, there exists security risk. If the adversary (who has stolen the security device) can also break into the computer where the other part of secret key is stored, then it can decrypt all cipher text corresponding to the victim user. The most secure way is to cease the validity of the stolen security device.

3.2 Proposed System

In this paper, we propose a novel two- factor security protection mechanism for data stored in the cloud. Our mechanism provides the following nice features: 1) Our system is an IBE (Identity-based encryption)- based mechanism. That is, the sender only needs to know the identity of the receiver in order to send an encrypted data (cipher text) to him/her.

No other information of the receiver (e.g., public key, certificate etc.) is required.

Then the sender sends the cipher text to the cloud where the receiver can download it at anytime. 2) Our system provides two-factor data encryption protection. In order to decrypt the data stored in the cloud, the user needs to possess two things. First, the user needs to have his/her secret key which is stored in the computer. Second, the user needs to have a unique personal security device which will be used to connect to the computer (e.g., USB, Bluetooth and NFC).

It is impossible to decrypt the cipher text without either piece. 3) More importantly, our system, for the first time, provides security device (one of the factors) revocability. Once the security device is stolen or reported as lost, this device is revoked. That is, using this device can no longer decrypt any cipher text (corresponding to the user) in any circumstance. The cloud will immediately execute some algorithms to change the existing cipher text to beun-decryptableby this device. While, the user needs to use

his new/replacement device (together with his secret key) to decrypt his/her cipher text; this process is completely transparent to the sender.

4. IMPLEMENTATION

4.1 Introduction of Technologies Used About Java:

Initially the language was called as ―oak‖

but it was renamed as ―java‖ in 1995.The primary motivation of this language was the need for a platform-independent (i.e.

architecture neutral)language that could be used to create software to be embedded in various consumer electronic devices.

Java is a programmer’s language Java is cohesive and consistent Except for those constraint imposed by the Internet environment. Java gives the programmer, full control

Finally Java is to Internet Programming where c was to System Programming.

4.2 Types of Containers:

Figure 4.1 Types of Containers 5 RESULT & DISCUSSIONS

In this paper, we introduced a novel two-

factor data security protection mechanism

for cloud storage system, in which a data

sender is allowed to encrypt the data with

knowledge of the identity of a receiver

only, while the receiver is required to use

both his/her secret key and a security

device to gain access to the data. Our

solution not only enhances the

confidentiality of the data, but also offers

the revocability of the device so that once

the device is revoked; the corresponding

cipher text will be updated automatically

by the cloud server without any notice of

the data owner. Furthermore, we

presented the security proof and efficiency

analysis for our system. We can have the results for this proposed work.

5.1 Proposed System and Algorithm Implementation is one of the most important tasks in project is the phase in which one has to be cautions because all the efforts undertaken during the project will be very interactive. Implementation is the most crucial stage in achieving successful system and giving the users confidence that the new system is workable and effective. Each program is tested individually at the time of development using the sample data and has verified that these programs link together in the way specified in the program specification. The computer system and its environment are tested to the satisfaction of the user.

5.2 Implementation

The implementation phase is less creative than system design. It is primarily concerned with user training, and file conversion. The system may be requiring extensive user training. The initial parameters of the system should be modifies as a result of a programming. A simple operating procedure is provided so that the user can understand the different functions clearly and quickly. The different reports can be obtained either on the inkjet or dot matrix printer, which is available at the disposal of the user. The proposed system is very easy to implement. In general implementation is used to mean the process of converting a new or revised system design into an operational one.

5.3 Screen Shorts:

Figure 5.1 Keys Application:

(The first factor is his/her secret key stored in the computer)

Figure 5.2 USB Application:

(The second factor is a unique personal security device which connects to the computer)

Figure 5.3 User Application:

Figure 5.4 Click on Register to Register a New User:

Figure 5.5 After Successful

Registration:

6

Vol. 06, Issue 05, May 2021 IMPACT FACTOR: 7.98 (INTERNATIONAL JOURNAL)

3 Figure 5.6 Similarly Registering 2 More

Users:

Figure 5.7 Login as a Registered User:

Figure 5.8 User Home Screen:

Figure 5.9 Click on Upload File Button, to Upload the Files on to Cloud Server:

Figure 5.10 While Uploading the Data onto Cloud, we can Create the Access

Policy for Users:

Figure 5.11 After Successfully Uploading the File onto Cloud:

Figure 5.12 The Owner Can Download the Data, Click on Download File

Button:

Figure 5.13 Owner/ user can Report the Loss of Device, if they Lost the Device then wont able to Decrypt The

Data:

After reporting the loss of device:

Figure 5.14 Unable to Decrypt the Data:

Figure 5.15 Login as a User and Try Downloading:

Figure 5.16 The Cloud Server, Keys Server & USB Server

Figure 5.17 The Cloud Server, Keys

Server & USB Server

6

Vol. 06, Issue 05, May 2021 IMPACT FACTOR: 7.98 (INTERNATIONAL JOURNAL)

5 5.4 Test Results

Test Cases:

Test Case

Id Test Case

Name Test Case

Desc. Test Steps Test

Case Status

Test Priori Step Expected Actual ty

Cloud

server 01 Cloud server

started To verify cloud server start or not

If server is

not start It is not store any data of user

It store user details

High High

Key application 02

Key generation started

To verify key generation start or not

If server is

not start It is not

provide keys It provides keys to user

High High

USB application 03

USB package

server started To verify USB package server started or not

If server is

not start It is not provide request

Request

came High High Register 04 User

Registration To get authorization user must be register in the system

If user will not fill a particular field

Fill the

empty field Registratio n process is

completed

High High

Login 05 User Login To verify login user valid or not

If we enter wrong password or username

Invalid login Login successfull y

High High

Upload 06 Upload file User uploading file into the cloud server

If not

uploaded data

Any file information details are not stored in the cloud server

Uploaded successfull y

High High

Share file

07 Share the

information of file

To check whether you are given access

permission or not

If suppose you are not given access permission

We cannot download the files

We can download the files

High High

Revoke 08 revocation To verify whether you will select and revoke a particular user or not

If you are revoke any user

He is not download any file and to remove the access permission

To give the access permission

Mediu

m Mediu

m

Download

09 downloading

the file Test whether the given file either exist or not in the cloud server

If the file is not in stored in cloud server

File cannot download by the user

Download the selected file and stored D drive in the system

Mediu

m Mediu

m

Table 5.1 Test Result 5.5 Comparison in Existing and

Proposed Research

In this Research, we propose a two-factor data security protection mechanism with factor revocability for cloud storage system. Our system allows a sender to send an encrypted message to a receiver through a cloud storage server. The sender only needs to know the identity of the receiver but no other information (such as its public key or its certificate).

The receiver needs to possess two things in order to decrypt the cipher text. The first thing is his/her secret key stored in the computer. The second thing is a unique personal security device which connects to the computer. It is impossible

to decrypt the cipher text without either

piece. More importantly, once the security

device is stolen or lost, this device is

revoked. It cannot be used to decrypt any

cipher text. This can be done by the cloud

server which will immediately execute

some algorithms to change the existing

cipher text to be un-decrypt able by this

device. This process is completely

transparent to the sender. Furthermore,

the cloud server cannot decrypt any

cipher text a t any time. The security and

efficiency analysis show that our system

is not only secure but also practical.

we propose a new data access control scheme for multi-authority cloud storage systems. The proposed scheme provides two-factor protection mechanism to enhances the confidentiality of outsourced data. If a user wants to recover the outsourced data, this user is required to hold sufficient attribute secret keys with respect to the access policy and authorization key with regard to the outsourced data. In our proposed scheme, both the size of cipher text and the number of pairing operations in decryption are constant, which reduce the communication overhead and computation cost of the system. In addition, the proposed scheme provides the user-level revocation for data owner in attribute-based data access control systems.

5.6 Research Summary

In this research, we will introduced a novel two-factor data security protection mechanism for cloud storage system, in which a data sender is allowed to encrypt the data with knowledge of the identity of a receiver only, while the receiver is required to use both his/her secret key and a security device to gain access to the data. Our solution will not only enhances the confidentiality of the data, but also it will offers the revocability of the device so that once the device is revoked; the corresponding cipher text will be updated automatically by the cloud server without any notice of the data owner.

Furthermore, we will try to improve presented the security proof and efficiency analysis for our system.

5.6.1 Advantages of Proposed System:

1. Our solution not only enhances the confidentiality of the data, but also offers the revocability of the device so that once the device is revoked;

the corresponding cipher text will be updated automatically for security system by the cloud server without any notice of the data owner.

2. The cloud server cannot decrypt any cipher text at any time

6 CONCLUSION

In this paper, we introduced a novel two- factor data security protection mechanism for cloud storage system, in which a data sender is allowed to encrypt the data with knowledge of the identity of a receiver only, while the receiver is required to use both his/her secret key and a security device to gain access to the data. Our solution not only enhances the confidentiality of the data, but also offers the revocability of the device so that once the device is revoked; the corresponding cipher text will be updated automatically by the cloud server without any notice of the data owner. Furthermore, we presented the security proof and efficiency analysis for our system.

REFERENCES

1. Akavia, S. Goldwasser, and V.

Vaikuntanathan, ―Simultaneous hardcore bits and cryptography against memory attacks,‖ in Proc. 6th Theory Cryptography Conf., 2009, pp. 474–495.

2. S. S. Al-Riyami and K. G. Paterson,

―Certificate less public key cryptography,‖ in Proc. 9th Int. Conf. Theory Appl. Cryptol., 2003, pp. 452–473.

3. M. H. Au, J. K. Liu, W. Susilo, and T. H.

Yuen, ―Certificate based (linkable) ring signature,‖ in Proc. Inf. Security Practice Experience Conf., 2007, pp. 79–92.

4. M. H. Au, Y. Mu, J. Chen, D. S. Wong, J. K.

Liu, and G. Yang, ―Malicious KGC attacks in certificate less cryptography,‖ in Proc. 2nd ACM Symp. Inf., Comput. Commun. Security, 2007, pp. 302–311.

5. M. Blaze, G. Bleumer, and M. Strauss,

―Divertible protocols and atomic proxy cryptography,‖ in Proc. Int. Conf. Theory Appl. Cryptographic Techn., 1998, pp. 127–

144.

6. Boldyreva, V. Goyal, and V. Kumar, ―Identity- based encryption with efficient revocation,‖ in Proc. ACM Conf. Comput. Commun. Security, 2008, pp. 417–426.

7. D. Boneh, X. Ding, and G. Tsudik, ―Fine- grained control of security capabilities,‖ ACM Trans. Internet Techn., vol. 4, no. 1, pp. 60–

82, 2004.

8. D. Boneh and M. Franklin, ―Identity-based encryption from the Weil pairing,‖ in Proc.

21st Annu. Int. Cryptol. Conf., 2001, pp.

213–229.

9. R. Canetti and S. Hohenberger, ―Chosen- cipher text secures proxy re-encryption,‖ in Proc. ACM Conf. Comput. Commun. Security, 2007, pp. 185–194.

6

Vol. 06, Issue 05, May 2021 IMPACT FACTOR: 7.98 (INTERNATIONAL JOURNAL)

7

10. H. C. H. Chen, Y. Hu, P. P. C. Lee, and Y.

Tang, ―NC Cloud: A network-coding-based storage system in a cloud-of-clouds,‖ IEEE Trans. Comput., vol. 63, no. 1, pp. 31–44, Jan. 2014.

11. Mingwu Zhang, Jintao Yao, Chunzhi Wang, And Tsuyoshi Takagi‖ Public Key Replacement And Universal Forgery Of SCLS Scheme, International Journal Of Network Security, Vol.15, No.1, PP.115-120, Jan.

2013

12. Changyu Dong, Naranker Dulay Longitude: A Privacy-Preserving Location Sharing Protocol For Mobile Applications, Trust Management V, 5th IFIP WG 11.11 International Conference, IFIPTM 2011, Copenhagen, Denmark, June 29-July 1, 2011, Proceedings 13. Indrajit Roy, Donald E. Porter, Michael D.

Bond, Kathryn S. Mckinle, Y Emmett Witch el

―Laminar: Practical Fine-Grained Decentralized Information Flow Control,

―ACM 2009‖

14. Benoˆıt Libert And Damien Vergnaud

―Unidirectional Chosen-Cipher text Secure Proxy Re-Encryption ―(2009)’’

15. Nubila Jaleel, Chinju K ―Mediated Certificate less Cryptosystem For The Security Of Data In Public Cloud‖ IJRET: International Journal Of Research In Engineering And Technology Eissn: 2319-1163 | Pissn: 2321-7308, Volume: 04 Issue: 09| September-2015 16. Mrs. Savita Kacheshwar Dabhade, Prof. M. K.

Kshirsagar ―Data Security In Cloud Using Aggregate Key And Diffie Hellman Algorithm‖

IJCSMC, Vol. 4, Issue. 4, April 2015, Pg. 906 – 923 RESEARCH ARTICL, ISSN 2320–088X 17. Benoît Libert, Jean-Jacques Quisquater

Parallel Key-Insulated Public Key Encryption Without Random Oracles,PKC'07 Proceedings Of The 10th International Conference On Practice And Theory In Public-Key Cryptography Pages 298-314 Beijing, China

— April 16 - 20, 207

18. Cong Wang, Ning Cao ―Towards Secure And Dependable Storage services In Cloud Computing‖, IEEE 2009

19. Akavia, S. Goldwasser, and V.

Vaikuntanathan. Simultaneous hardcore bits and cryptography against memory attacks. In TCC, volume 5444 of Lecture Notes in Computer Science, pages 474–495.Springer, 2009.

20. S. S. Al-Riyami and K. G. Paterson. Certificate less public key cryptography. In ASIACRYPT, volume 2894 of Lecture Notes in Computer Science, pages 452–473. Springer, 2003.

21. M. H. Au, J. K. Liu, W. Susilo, and T. H.

Yuen. Certificate based (linkable) ring signature. In ISPEC, volume 4464 of Lecture Notes in Computer Science, pages 79–92.

Springer, 2007.

22. M. H. Au, Y. Mu, J. Chen, D. S. Wong, J. K.

Liu, and G. Yang. Malicious kg attacks in certificate less cryptography. In ASIACCS, pages 302–311. ACM, 2007.

23. M. Blaze, G. Bleumer, and M. Strauss.

Divertible protocols and atomic proxy cryptography. In K. Nyberg, editor, EUROCRYPT, volume 1403 of LNCS, pages 127–144. Springer, 1998.

24. Boldyreva, V. Goyal, and V. Kumar. Identity- based encryption with efficient revocation. In

P. Ning, P. F. Syverson, and S. Jha, editors, ACM Conference on Computer and Communications Security, pages 417–426.

ACM, 2008.

25. D. Boneh, X. Ding, and G. Tsudik. Fine- grained control of security capabilities. ACM Trans. Internet Techn., 4(1):60–82, 2004.

26. D. Boneh and M. Franklin. Identity-based encryption from the weil pairing. In CRYPTO

’01, volume 2139 of LNCS, pages 213–229.

Springer, 2001.

27. R. Canetti and S. Hohenberger. Chosen- cipher text secure proxy re-encryption. In P.

Ning, S. D. C. di Vimercati, and P. F.

Syverson, editors, ACM Conference on Computer and Communications Security, pages 185–194. ACM, 2007.

28. H. C. H. Chen, Y. Hu, P. P. C. Lee, and Y.

Tang. Nccloud: A network-coding-based storage system in a cloud-of-clouds. IEEE Trans. Computers, 63(1):31–44, 2014.

29. S. S. M. Chow, C. Boyd, and J. M. G. Nieto.

Security-mediated certificate less cryptography. In Public Key Cryptography, volume3958 of Lecture Notes in Computer Science, pages 508–524. Springer, 2006.

30. C.-K. Chu, S. S. M. Chow, W.-G. Tzeng, J.

Zhou, and R. H. Deng. Key-aggregate cryptosystem for scalable data sharing in cloud storage. IEEE Trans. Parallel Distrib.

Syst., 25(2):468–477, 2014.

31. C.-K. Chu and W.-G. Tzeng. Identity-based proxy re-encryption without random oracles.

In J. A. Garay, A. K. Lenstra, M. Mambo, and R. Peralta, editors, ISC, volume 4779 of LNCS, pages 189–202.Springer, 2007.

32. R. Cramer and V. Shoup. Design and analysis of practical public key encryption schemes secure against adaptive chosen cipher text attack. SIAM J. Comput., 33(1):167–226, January 2004.

33. Y. Dodis, Y. T. Kalai, and S. Lovett. On cryptography with auxiliary input. In STOC, pages 621–630. ACM, 2009.

34. Y. Dodis, J. Katz, S. Xu, and M. Yung. Key- insulated public key crypto systems. In EUROCRYPT, volume 2332 of Lecture Notes in Computer Science, pages 65–82. Springer, 2002.

35. Y. Dodis, J. Katz, S. Xu, and M. Yung. Strong key-insulated signature schemes. In Public Key Cryptography, volume 2567 of Lecture Notes in Computer Science, pages 130–144.

Springer, 2003.

36. L. Ferretti, M. Colajanni, and M. Marchetti.

Distributed, concurrent, and independent access to encrypted cloud databases. IEEE Trans. Parallel Distrib. Syst., 25(2):437–446, 2014.

37. Gentry. Certificate-based encryption and the certificate revocation problem. In EUROCRYPT, volume 2656 of Lecture Notes in Computer Science, pages 272–293.

Springer, 2003.

38. M. Green and G. Ateniese. Identity-based proxy re-encryption. In ACNS ’07, volume 4512 of LNCS, pages 288–306.Springer, 2007.

39. H. Guo, Z. Zhang, J. Zhang, and C. Chen.

Towards a secure certificate less proxy re- encryption scheme. In W. Susilo and R.

Reyhanitabar, editors, Prov Sec, volume 8209

of Lecture Notes in Computer Science, pages 330–346. Springer, 2013.

40. G. Hanaoka, Y. Hanaoka, and H. Imai.

Parallel key-insulated public key encryption.

In Public Key Cryptography, volume 3958 of Lecture Notes in Computer Science, pages 105–122. Springer, 2006.

41. Y. H. Hwang, J. K. Liu, and S. S. M. Chow.

Certificate less public key encryption secure against malicious kgc attacks in the standard model. J. UCS, 14(3):463–480, 2008.

42. K. Liang, Z. Liu, X. Tan, D. S. Wong, and C.

Tang. A cca-secure identity-based conditional proxy re-encryption without random oracles.

In T. Kwon, M.-K. Lee, and D. Kwon, editors, ICISC, volume 7839 of LNCS, pages 231–246.

Springer, 2012.

43. Libert, J. -J. Quisquater, and M. Yung.

Parallel key-insulated public key encryption without random oracles. In Public Key Cryptography, volume 4450 of Lecture Notes in Computer Science, pages 298–314.

Springer, 2007.

44. B. Libert and D. Vergnaud. Adaptive-id secure revocable identity based encryption. In M. Fischlin, editor, CT-RSA, volume 5473 of Lecture Notes in Computer Science, pages 1–

15. Springer, 2009.

45. B. Libert and D. Vergnaud. Unidirectional chosen-cipher text secure proxy re- encryption. IEEE Transactions on Information Theory, 57(3):1786–1802, 2011.

46. J. K. Liu, M. H. Au, and W. Susilo. Self- generated-certificate public key cryptography and certificate less signature/encryption scheme in the standard model: extended abstract. In ASIACCS, pages 273–283. ACM, 2007.

47. J. K. Liu, J. Baek, W. Susilo, and J. Zhou.

Certificate-based signature schemes without pairings or random oracles. In ISC, volume 5222 of Lecture Notes in Computer Science, pages 285–297.Springer, 2008.

48. J. K. Liu, J. Baek, and J. Zhou. Certificate- based sequential aggregate signature. In WISEC, pages 21–28. ACM, 2009.

49. J. K. Liu, F. Bao, and J. Zhou. Short and efficient certificate-based signature. In Networking Workshops, volume 6827 of Lecture Notes in Computer Science, pages 167–178. Springer, 2011.

50. J. K. Liu and D. S. Wong. Solutions to key exposure problem inring signature. I. J.

Network Security, 6(2):170–180, 2008.

51. J. K. Liu and J. Zhou. Efficient certificate- based encryption in the standard model. In SCN, volume 5229 of Lecture Notes in Computer Science, pages 144–155. Springer, 2008.

52. S. Luo, Q. Shen, and Z. Chen. Fully secure unidirectional identity based proxy re- encryption. In H. Kim, editor, ICISC, volume 7259of LNCS, pages 109–126. Springer, Heidelberg, 2011.

53. M. Mambo and E. Okamoto. Proxy cryptosystems: Delegation of the power to decrypt cipher texts. IEICE Transactions, E80-A(1):54–63, 1997.

54. T. Matsuo. Proxy re-encryption systems for identity-based encryption. In Pairing ’07, volume 4575 of LNCS, pages 247–

267.Springer, 2007.

55. M. Naor and G. Segev. Public-key cryptosystems resilient to key leakage. In CRYPTO, volume 5677 of Lecture Notes in Computer Science, pages 18–35. Springer, 2009.

56. A Sahai, H. Seyalioglu, and B. Waters.

Dynamic credentials and cipher text delegation for attribute-based encryption. In R. Safavi-Naini and R. Canetti, editors, CRYPTO, volume 7417 of Lecture Notes in Computer Science, pages 199–217.Springer, 2012.14

57. J. H. Seo and K. Emura. Efficient delegation of key generation and revocation functionalities in identity-based encryption.

In E. Dawson, editor, CT-RSA, volume 7779 of Lecture Notes in Computer Science, pages 343–358. Springer, 2013.

58. J. Shao and Z. Cao. Multi-use unidirectional identity-based proxy re-encryption from hierarchical identity-based encryption.

Information Sciences, 206(0):83 – 95, 2012.

59. Q. Tang, P. H. Hartel, and W. Jonker. Inter- domain identity-based proxy re-encryption. In M. Yung, P. Liu, and D. Lin, editors, Inscrypt, volume 5487 of Lecture Notes in Computer Science, pages332–347.Springer, 2008.

60. V. Varadharajan and U. K. Tupakula.

Security as a service model for cloud environment. IEEE Transactions on Network and Service Management, 11(1):60–75, 2014.

61. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou. Privacy preserving public auditing for secure cloud storage. IEEE Trans.

Computers, 62(2):362–375, 2013.

62. C. Wang, Q. Wang, K. Ren, N. Cao, and W.

Lou. Toward secure and dependable storage services in cloud computing. IEEE T. Services Computing, 5(2):220–232, 2012.

63. H. Wang. Proxy provable data possession in public clouds. IEEET. Services Computing, 6(4):551–559, 2013.

64. B. Waters. Efficient identity-based encryption without random oracles. In R. Cramer, editor, EUROCRYPT, volume 3494 of Lecture Notes in Computer Science, pages 114–

127.Springer, 2005.

65. K. Yang, X. Jia, K. Ren, B. Zhang, and R. Xie.

Dac-macs: Effective data access control for multiauthority cloud storage systems. IEEE Transactions on Information Forensics and Security, 8(11):1790–1801,2013.

66. W.-S. Yap, S. S. M. Chow, S.-H. Heng, and B.-M. Goi. Security mediated certificate less signatures. In ACNS, volume 4521 of Lecture Notes in Computer Science, pages 459–477.

Springer, 2007.

67. Y. Zhu, G.-J.Ahn, H. Hu, S. S. Yau, H. G. An, and C. Hu. Dynamic audit services for outsourced storages in clouds. IEEE T.

Services Computing, 6(2):227–238, 2013.